                                o8o 
                                `"' 
ooo. .oo.  .oo.    .ooooo.     oooo 
`888P"Y88bP"Y88b  d88' `88b    `888 
 888   888   888  888   888     888 
 888   888   888  888   888     888 
o888o o888o o888o `Y8bod8P'     888 
                                888 
                            .o. 88P 
                            `Y888P  

~~ who ~~

Honestly? I don't know.

It no longer feels like it's my place to say.

I'll leave it for you to decide.

~~ communicate ~~

one-on-one moj@sdf.org
soapbox @moj@mastodon.sdf.org
hotline SDF Phone x2239

Jacob's Ladder

Published: 14 Jun 2022

Old Techies, resting on their laurels.

I saw his post: “I’ve built out the authentication system. Post your SSH key or key changes to the GitHub repository. The system updates every 15 minutes.”

Huh?

I looked at the other file in the repo: an sh script, clearly meant to be run on his server. It pulls the repository and loops through the files in that directory. For each, using the file’s name, a home directory is created if it does not exist, and the SSH key contained in that file is put inside.

WTF. Why does he need a shell script to do that kind of work? Doesn’t he know that PAM on those VMs can be flagged to create new home directories automatically for successful logins? That’s ancient…

Wait a minute… WTF. Why is he populating keys but not deprecating missing ones? Hell, look: there’s someone who’s not even with the group anymore! Doesn’t he know that SSHD supports “AuthorizedKeysCommand” to check against current source?
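
What the “AuthorizedKeysCommand” route could look like, as an added sketch that is not the script from that repository: sshd asks a helper for a user's keys at login time, so a key file deleted from the checkout stops working without any cleanup pass. The checkout path, install path and one-file-per-login layout are assumptions.

```shell
#!/bin/sh
# Added example, not the script from the post. Assumed layout: a checkout
# with one file per user, named after the login, holding bare public keys.
# sshd_config (real directives; the install path is an assumption):
#   AuthorizedKeysCommand /usr/local/sbin/repo-keys %u
#   AuthorizedKeysCommandUser nobody
KEYS_DIR="${KEYS_DIR:-/srv/keys-repo/keys}"   # hypothetical checkout path

# Print the current keys for one login; print nothing if the file is gone.
keys_for_user() {
    user=$1
    # Accept only plain login names; this blocks ../ path traversal.
    case $user in
        ''|*[!a-z0-9_-]*|-*) return 1 ;;
    esac
    file=$KEYS_DIR/$user
    # No regular file (or a symlink) means no keys: removal revokes access.
    [ -f "$file" ] && [ ! -L "$file" ] || return 0
    # Emit only bare public-key lines; lines carrying options are dropped.
    grep -E '^(ssh-(ed25519|rsa)|ecdsa-sha2-nistp(256|384|521)|sk-[a-z0-9@.-]+) [A-Za-z0-9+/=]+( .*)?$' "$file" || true
}

# Constructed demo: alice has a file in the checkout, bob's was removed.
demo() {
    tmp=$(mktemp -d) || return 1
    printf 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIconstructedkeyforexample alice@example\n' > "$tmp/alice"
    KEYS_DIR=$tmp
    echo "alice: $(keys_for_user alice | wc -l) key(s)"
    echo "bob:   $(keys_for_user bob | wc -l) key(s)"
    rm -rf "$tmp"
}

# As an AuthorizedKeysCommand sshd passes the login name; otherwise run the demo.
if [ "$#" -eq 1 ]; then keys_for_user "$1"; else demo; fi
```

sshd requires the helper to be given by absolute path, owned by root and not writable by group or others.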

Wait a minute… Isn’t the crew already posting public SSH keys to GitHub? Why not use GitHub as an IdM and just push all the worries off to them? People have been building those sshd oauth2 solutions, no?

Wait a minute… What’s on this server anyway? WHAT?!? A repository of material pulled from another website? Why is GitHub itself not the repository?

Because you also want to BUILD what’s in the repository?!? Never heard of Docker? CI/CD? GitHub Actions?

JFC… I’ve got to stop asking. Each question just unravels everything I asked before.

There’s a toy called “Jacob’s Ladder” – a string of squares with threads of ribbon woven between them. (Take a look for yourself: YouTube). When you hold it up and tilt the top-most block forward enough, a cascade of CLACK! CLACK! CLACK! begins as the blocks flip, one by one, until the entire chain is reversed. I always think of that toy when I watch my mind change context, revising focus or toggling assumptions.

Well, it’s telling: He didn’t create the GitHub repository; it was created for him. And the fellow that created it? His is the public key prominently missing in there. This fellow is all “Back when I was …” war stories. I appreciate that – I have a collection of my own. That there’s nothing new? Yeah… maybe that’s okay too. One or two more stories, though, and I’ll be able to pinpoint the precise date he put the code freeze on his brain.

And maybe even that’s okay – Ol’ Reliable has its place. Its place, though, should probably not be calling everybody else an idiot.