Comment by sam_lowry_

Comment by sam_lowry_ 12 hours ago

5 replies

View on Hacker News

Another one: you sold an online business and forgot about it until the moment the buyer contacts you asking for a meeting exactly when you decide whether you want to go to the bomb shelter or risk staying in the appartment building so conveniently located next to a damb that protects Kyiv from flooding.

You decide that staying on the 9th floor on the path of cruise missiles to the damb is too risky, pick your good old Toughbook that has enough juice to last until dawn, and go downstairs, asking the buyer over phone to reset the root password and send it over whatsapp.

Once installed in the shelter, you quickly realize the disk is full, clean the logs and give furter instructions to the buyer to pass on to his IT.

teruakohatu 12 hours ago

Instead: you WhatsApp your public ssh key to the buyer and login once they confirm your key has been added.

I have had to send my ssh pub key over all sorts of messaging platforms.

Reply View 4 replies
  • sam_lowry_ 10 hours ago

    No way this person would understand what I want him to do. And if he would not understand, he would grow suspicious. No, no and and no again.

    Reply View 3 replies
    • Volundr 7 hours ago

      Just making sure I understand.

      You have sold your business but are still responsible for IT support.

      You are responsible for IT support but don't already have a defined access path.

      The new buyer knows what a root password is and how to gain access to a Linux machine and reset it, but does not know what an SSH key is, or how to check for a full disk.

      Despite clearly being a (very specific kind of) novice the new owner is suspicious of the person responsible for his IT giving him instructions he doesn't understand?

      Reply View 2 replies
      • sam_lowry_ 5 hours ago

        Nope.

        It happened once and I hope won't happen again. I make myself available out of courtesy and I made a point that I will not be remunerated outside of the long expired knowledge transfer agreement.

        Funnily, I got remunerated this one time with a lavish gift card for Neuhaus, but it only proves the point.

        Of course the buyer knew the root password, details of the setup and all passwords reset procedures were part of the deal.

        And of course they can reset the password when properly guided, people are not dumb even when they are not software engineers.

        OTOH, most people are totaly unaware of Diffie-Hellman key exchange, the roles of public and private keys and have limited patience and even less interest in learning new things in a stressful situation.

        And yes, people with money and authority have a particular distrust for people with skills and knowledge.

        Reply View 1 reply
        • Volundr 2 hours ago

          > It happened once and I hope won't happen again.

          I should certainly hope not. I definitely won't be making "I'm providing free IT support while being bombed to someone who apparently thinks I'm some kind of conman instead of trying to help" a priority scenario in my infrastructure planning.

          Reply View 0 replies