I'm moving this discussion from IRC to email in hopes of spanning a
few more timezones.
A few people (me included) have noticed that some instances which
recently had access to the outside Internet no longer have this access.
For example, my swiss-army-instance 'utils-abogott' used to chat with
freenode and can no longer. The same change in access has happened to
etherpad.wmflabs.org, and presumably many other instances.
I'm assuming this is on purpose, due to a new policy that increases
enforcement of security groups. True?
If yes, I still have two questions:
1) In the default security group for that project I see this rule: 22,
22, 0.0.0.0/0 which I would take to mean 'ssh allowed to/from
anywhere.' And yet, best I can tell I cannot initiate an ssh connection
to anywhere from that system. Am I making a dumb mistake?
2) The help page about security groups
(https://labsconsole.wikimedia.org/wiki/Help:Security) suggests that
security settings cannot be changed for existing instances. Doesn't
that pose quite a serious problem for people who are invested in
instances that existed before the (presumed) new security policy?
Thanks!
-Andrew
_______________________________________________
Labs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/labs-l
