Date: Thu, 13 Aug 2020 14:58:54 -0400 From: Aryeh Friedman <aryeh.friedman@gmail.com> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: OT: Dealing with a hosting company with it's head up it's rear end Message-ID: <CAGBxaX=XbbFLyZm5-BO=6jCCrU%2BV%2BjubxAkTMYKnZZZq=XK50A@mail.gmail.com> In-Reply-To: <CAGBxaXmg0DGSEYtWBZcbmQbqc2vZFtpHrmW68txBck0nKJak=w@mail.gmail.com> References: <CAGBxaXmg0DGSEYtWBZcbmQbqc2vZFtpHrmW68txBck0nKJak=w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Forgot to ask how common is such idiocy? And is it becoming more common? On Thu, Aug 13, 2020 at 2:56 PM Aryeh Friedman <aryeh.friedman@gmail.com> wrote: > The hosting company for one of our clients sent the following reply to > us/them when we asked them to setup end user accounts on a dedicated > Windows Server, FreeBSD box and CentOS box (all VM's on the same physical > machine with no other VM's on the physical machine) and being told we > needed scriptable access (not web based non-scriptable) to the windows > desktop and shell accounts (including the ability to sudo) and they agreed > to provide it: > > "[Insert client name here], we do not allow RDP or SSH into our > datacenter. They are the primary vehicles for ransomware and cryptolocker > breaches. We utilize a secure access portal with multi-factor > authentication to ensure you don't get breached." > > I kind of understand RDP (but we have had bad luck with VNC on the same > hosting provider in the past so we prefer RDP), but SSH!?!?!?!?! Their > idea of a "two factor" authentication is each connection will only be > allowed via a web portal and must use a one-time password sent the users > smartphone. Not only does this make automated deploy impossible it is a > complete show stopper since our service is IoT and uses its own custom > protocol. > > So how do we/the client tell the hosting company they are full of sh*t > (the client has a 3 year contract with a pay in full to break clause with > them which would be over $100k to break) > > -- > Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org > -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGBxaX=XbbFLyZm5-BO=6jCCrU%2BV%2BjubxAkTMYKnZZZq=XK50A>