This is a big commit, and I apologize in advance for the future
git-blames all pointing to me. This commit does a few things:
1. Merges the website/docs and website/www repo into a single website repo
to be in line with other HashiCorp projects
2. Updates to use middleman-hashicorp
3. Converts less to scss to be in line with other projects
4. Updates page styles to be in line with other projects
5. Optimizes images
6. Prepares for S3 + Fastly deployment with scripts, etc.
7. Removes blog posts (they have been transferred to hashicorp.com with
redirects in place)
8. Updates the sitemap generation script for better SEO
9. Fixes many broken links
10. Adds a description to all fields
61 lines
2.4 KiB
Markdown
---
layout: "docs"
page_title: "Security - Vagrant Share"
sidebar_current: "share-security"
description: |-
  Sharing your Vagrant environment understandably raises a number of security
  concerns.
---

# Security

Sharing your Vagrant environment understandably raises a number of security
concerns.

The primary security mechanism for Vagrant Share is security through
obscurity (a share name that is hard to guess) along with a
password-encrypted SSH keypair. Additionally, there are several
configuration options made available to help control access and manage
security:

* `--disable-http` will not create a publicly accessible HTTP URL. When
  this is set, the only way to access the share is with `vagrant connect`.

* `--ssh-once` will allow only one person to SSH into your shared environment.
  After the first SSH access, the keypair is deleted and SSH
  access will not be possible anymore.
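The two options above are opt-in, so a developer who types `vagrant share` out of habit gets a public HTTP URL and, if they add `--ssh`, a keypair that stays usable for the whole session. The wrapper below is an added example, not part of the Vagrant Share documentation or code base: it turns the hardened combination into the default and refuses `--ssh` without `--ssh-once`. The flags passed to `vagrant share` are the ones documented on this page; the function names, the mode words `ssh`/`http`/`both` and the `VAGRANT_SHARE_DRY_RUN` variable are this example's own conventions, and the `--ssh` flag of `vagrant connect` is assumed from the Vagrant Share documentation.

```sh
#!/bin/sh
# Added example: a wrapper around `vagrant share` that applies the
# hardening options described above by default. Not Vagrant's own code.
# Function names, the mode words and VAGRANT_SHARE_DRY_RUN are this
# example's own conventions (assumptions), not Vagrant options.

# share_flags MODE -> prints the `vagrant share` flags for a mode:
#   ssh   SSH only: no public HTTP URL, one connection, then the key is gone
#   http  HTTP only: SSH stays unshared (Vagrant's default)
#   both  public HTTP URL plus one-shot SSH
# Returns 1 on an unknown mode.
share_flags() {
  case "$1" in
    ssh)  echo "--disable-http --ssh --ssh-once" ;;
    http) echo "" ;;
    both) echo "--ssh --ssh-once" ;;
    *)    echo "share_flags: unknown mode '$1'" >&2; return 1 ;;
  esac
}

# check_flags FLAG... -> 0 if the flag list keeps the policy, 1 otherwise.
# The one rule enforced: sharing SSH (--ssh) requires --ssh-once, so the
# keypair cannot be reused for the rest of the session.
check_flags() {
  case " $* " in
    *" --ssh "*)
      case " $* " in
        *" --ssh-once "*) return 0 ;;
        *) echo "refusing: --ssh without --ssh-once" >&2; return 1 ;;
      esac ;;
  esac
  return 0
}

# share MODE [EXTRA_FLAG...] -> runs `vagrant share` with the policy flags
# plus any extra flags, once check_flags has accepted the combination.
# With VAGRANT_SHARE_DRY_RUN set, the command line is printed instead.
share() {
  [ $# -ge 1 ] || { echo "usage: share ssh|http|both [flags]" >&2; return 2; }
  mode=$1; shift
  flags=$(share_flags "$mode") || return 1
  # Re-split so the policy flags and the caller's extras form one clean list.
  # shellcheck disable=SC2086
  set -- $flags "$@"
  flags="$*"
  check_flags "$@" || return 1
  if [ -n "${VAGRANT_SHARE_DRY_RUN:-}" ]; then
    printf 'vagrant share%s\n' "${flags:+ $flags}"
    return 0
  fi
  command -v vagrant >/dev/null 2>&1 || { echo "vagrant not in PATH" >&2; return 127; }
  vagrant share "$@"
}

# connect NAME -> the other side of an SSH-only share (the `--ssh` flag of
# `vagrant connect` is assumed here from the Vagrant Share documentation).
connect() {
  [ $# -eq 1 ] || { echo "usage: connect SHARE-NAME" >&2; return 2; }
  if [ -n "${VAGRANT_SHARE_DRY_RUN:-}" ]; then
    echo "vagrant connect --ssh $1"
    return 0
  fi
  command -v vagrant >/dev/null 2>&1 || { echo "vagrant not in PATH" >&2; return 127; }
  vagrant connect --ssh "$1"
}
```

Source the file, then run `share ssh` on the sharing machine (Vagrant will prompt for the password that encrypts the SSH key) and `connect happy-panda-1234` on the machine that needs access; `VAGRANT_SHARE_DRY_RUN=1 share both --http 8080` prints the assembled command line without starting a share, which is how the policy check can be exercised in CI.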

In addition to these options, there are other features we've built to help:

* Vagrant Share uses end-to-end TLS connections. So even unencrypted TCP streams
  are encrypted through the various proxies and only unencrypted during the final
  local communication between the local proxy and the Vagrant environment.

* Share names, such as happy-panda-1234, are randomly chosen from a pool
  of over 40,000,000 possible names, and we're routinely adding more
  words to grow this pool. It is unlikely that anyone will guess your
  share name. Note that 40,000,000 names is only about 25 bits of
  entropy, far less than a cryptographic key, so treat the share name
  as a bearer credential and do not post it anywhere you would not
  post a password.

* SSH keys are encrypted by default, using a password that is not transmitted
  to our servers or across the network at all.

* SSH is not shared by default; it must explicitly be shared with the
  `--ssh` flag.

* A web interface we've built shows share history and will show basic
  access logs in the future.

* Share sessions expire after a short time (currently 1 hour), but
  can also be ended manually with `ctrl-c` on the sharing machine
  or via the web interface.

Most importantly, you must understand that by running `vagrant share`,
you are making your Vagrant environment accessible to anyone who knows
the share name. When share is not running, it is not accessible.

Later, we will be expanding the security of this feature by adding ACLs,
so you are able to explicitly allow access to your share based on who
is connecting.

For maximum security, we will also allow you to run your own Vagrant
Share server. This option is not available yet.