Y
Hacker News
new
|
ask
|
show
|
jobs
by
oasisbob
1278 days ago
Why was that guy running Jenkins without a password?
1 comments
onion2k
1278 days ago
Years ago when I actually did any devops running services without a password was common. They would configured to only be accessible using SSH from a locked down IP range. It's far more secure than password based access (if you get it right).
link
988747
1278 days ago
Yes, but that was a design/security choice. What OP described seems like a pure negligence ("setting up authentication is hard, so let's skip it").
link