cothomps on Hacker News

1

Dr. Don Gurnett, U. Iowa Space Physicist Retires (opens in new tab)

(now.uiowa.edu)

1cothomps6y ago1

2

Securing Digital Ocean / Linode Instances With Dome9 (opens in new tab)

(chadthompson.me)

2cothomps11y ago0

3

Static Web Hosting With Amazon S3 (opens in new tab)

(chadthompson.me)

2cothomps12y ago0

4

Ask HN: Is the Bastion Host Security Pattern Outdated?

Following on to this article:

http://programming.oreilly.com/2014/01/is-the-jump-box-obsolete.html?cmp=tw-prog-na-article-pr_is_the_jump_box_obsolete

The article proposes that the Jump Box / Bastion Host pattern is obsolete for many cloud deployments. I've been using a 'bastion host' pattern to access Amazon VPCs - and while the security / IP infrastructure is somewhat simpler to maintain, there really is no way to audit user access; the AWS EC2 private key infrastructure and bastion host pattern pretty much ensure every user runs as 'root'.

Are there better alternative for AWS (or other IaaS services in general) than the bastion host pattern?

3cothomps12y ago1

cothomps

Recent submissions

Dr. Don Gurnett, U. Iowa Space Physicist Retires (opens in new tab)

Securing Digital Ocean / Linode Instances With Dome9 (opens in new tab)

Static Web Hosting With Amazon S3 (opens in new tab)

Ask HN: Is the Bastion Host Security Pattern Outdated?

Recent submissions

Dr. Don Gurnett, U. Iowa Space Physicist Retires (opens in new tab)

Securing Digital Ocean / Linode Instances With Dome9 (opens in new tab)

Static Web Hosting With Amazon S3 (opens in new tab)

Ask HN: Is the Bastion Host Security Pattern Outdated?