Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Defender: Authentication to Linux machines should require SSH keys (Sonatype Nexus VM) #4359

Open
jonnyry opened this issue Feb 11, 2025 · 1 comment · May be fixed by #4366
Open

Defender: Authentication to Linux machines should require SSH keys (Sonatype Nexus VM) #4359

jonnyry opened this issue Feb 11, 2025 · 1 comment · May be fixed by #4366
Labels
story Stories are the smallest unit of work to be done for a project.

Comments

@jonnyry
Copy link
Collaborator

jonnyry commented Feb 11, 2025

This ticket is for the Sonatype Nexus Linux VM.

Image
@jonnyry jonnyry added the story Stories are the smallest unit of work to be done for a project. label Feb 11, 2025
@marrobi
Copy link
Member

marrobi commented Feb 11, 2025

Hmm, it's on a private network so think this is low risk. As they are stored in keyvault and used by bastion, should be easy enough to change, can generate the keys in Azure now, that didn't used to be possible.

marrobi added a commit that referenced this issue Feb 12, 2025
@marrobi
Nexus Linux machine uses SSH keys
677fb05 
Fixes #4359

Update Sonatype Nexus VM to require SSH key-based authentication.

* Remove password-based authentication and related resources from `templates/shared_services/sonatype-nexus-vm/terraform/vm.tf`.
* Add resources to generate and store SSH keys in Key Vault.
* Update the `connection` block to use the SSH private key for authentication.
* Update `docs/tre-templates/shared-services/nexus.md` to reflect the change to SSH key-based authentication and provide instructions on how to retrieve the SSH private key from Key Vault.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/microsoft/AzureTRE/issues/4359?shareId=XXXX-XXXX-XXXX-XXXX).
@marrobi marrobi linked a pull request Feb 12, 2025 that will close this issue
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
story Stories are the smallest unit of work to be done for a project.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Nexus Linux machine uses SSH keys microsoft/AzureTRE
2 participants
@jonnyry @marrobi