Best practices for giving outside developer SSH access? Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Come Celebrate our 10 Year Anniversary!Linux: set up for remote sysadminCannot Access SSH - “Did not receive identification string from [IP]” in LogsHow to automate SSH session for a specific user from a specific IP?Best pratice for VPS setup and administration (web/ftp/ssh)What's best practice for communication between Amazon EC2 instances?Ultra Secure Linux Server SSH OnlySecurity risks of opening firewall for ssh access from internal to DMZHow to delete massive files via ftp or ssh?How do server administrators like their server logs?Folder keeps getting deleted and I can't find out whyPotential hijacked SSH session & SSH best practices

If a contract sometimes uses the wrong name, is it still valid?

Does accepting a pardon have any bearing on trying that person for the same crime in a sovereign jurisdiction?

Is the Standard Deduction better than Itemized when both are the same amount?

Best practices for giving outside developer SSH access?

Did Xerox really develop the first LAN?

Why is "Captain Marvel" translated as male in Portugal?

What are 'alternative tunings' of a guitar and why would you use them? Doesn't it make it more difficult to play?

What do you call a plan that's an alternative plan in case your initial plan fails?

What would be the ideal power source for a cybernetic eye?

Does surprise arrest existing movement?

Output the ŋarâþ crîþ alphabet song without using (m)any letters

Can inflation occur in a positive-sum game currency system such as the Stack Exchange reputation system?

Did Kevin spill real chili?

How to motivate offshore teams and trust them to deliver?

Withdrew £2800, but only £2000 shows as withdrawn on online banking; what are my obligations?

How can I fade player when goes inside or outside of the area?

Why are there no cargo aircraft with "flying wing" design?

How to find all the available tools in macOS terminal?

Is there a documented rationale why the House Ways and Means chairman can demand tax info?

Bonus calculation: Am I making a mountain out of a molehill?

ListPlot join points by nearest neighbor rather than order

What makes black pepper strong or mild?

What's the purpose of writing one's academic bio in 3rd person?

Is a manifold-with-boundary with given interior and non-empty boundary essentially unique?



Best practices for giving outside developer SSH access?



Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
Come Celebrate our 10 Year Anniversary!Linux: set up for remote sysadminCannot Access SSH - “Did not receive identification string from [IP]” in LogsHow to automate SSH session for a specific user from a specific IP?Best pratice for VPS setup and administration (web/ftp/ssh)What's best practice for communication between Amazon EC2 instances?Ultra Secure Linux Server SSH OnlySecurity risks of opening firewall for ssh access from internal to DMZHow to delete massive files via ftp or ssh?How do server administrators like their server logs?Folder keeps getting deleted and I can't find out whyPotential hijacked SSH session & SSH best practices



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








2















N00b here - I'm upgrading my website so that it isn't using a depreciated version of MySql/ PHP. I'm not comfortable enough with the code so I'm using an outside developer.



Due to this being database related I they will need SSH access ... which scares me.



I'm mostly worried about this developer accessing or downloading files that they don't need/I don't want them to. Are there activity logs when using SSH that shows what files were accessed? Is there a way to delete the logs?



I appreciate any thoughts!






ssh logging







share|improve this question







New contributor




Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 3





    Someone with root access can do basically anything, including covering virtually any tracks they might leave. If you don't have an existing reputable contact (preferably a firm, and preferably in a jurisdiction you can go after in something like small claims court), you may be better off setting up a new server, contracting them to do any development work on the codebase to bring it up to modern PHP (thus controlling what you provide them with), and installing it yourself on the new server. Even there, there's a risk of back-doors.

    – ceejayoz
    6 hours ago






  • 2





    Is your developer expected to do the system upgrade for you? If so they will probably need sysadmin level acces and then they can do anything and everything. But for inspiration see this Q&A of mine: serverfault.com/q/805333/37681

    – HBruijn
    6 hours ago











  • Mysql database can be configured to allow direct remote access without need to provide SSH access. Malicious developer can add backdoor while having any access level though... (Backup is your friend)

    – Anubioz
    6 hours ago












  • @Anubioz If a MySQL (and PHP) upgrade is required, as appears to be the case, mere access to run SQL queries won't be sufficient.

    – ceejayoz
    5 hours ago











  • @ceejayoz I considered the MySQL/PHP versions already to be upgraded on the host for the developer to fix compatability issues with the web app itself (since updating OS for latest software version otherwise might be non-trivial task, usually unsuited for them ))

    – Anubioz
    5 hours ago

















2















N00b here - I'm upgrading my website so that it isn't using a depreciated version of MySql/ PHP. I'm not comfortable enough with the code so I'm using an outside developer.



Due to this being database related I they will need SSH access ... which scares me.



I'm mostly worried about this developer accessing or downloading files that they don't need/I don't want them to. Are there activity logs when using SSH that shows what files were accessed? Is there a way to delete the logs?



I appreciate any thoughts!






ssh logging







share|improve this question







New contributor




Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 3





    Someone with root access can do basically anything, including covering virtually any tracks they might leave. If you don't have an existing reputable contact (preferably a firm, and preferably in a jurisdiction you can go after in something like small claims court), you may be better off setting up a new server, contracting them to do any development work on the codebase to bring it up to modern PHP (thus controlling what you provide them with), and installing it yourself on the new server. Even there, there's a risk of back-doors.

    – ceejayoz
    6 hours ago






  • 2





    Is your developer expected to do the system upgrade for you? If so they will probably need sysadmin level acces and then they can do anything and everything. But for inspiration see this Q&A of mine: serverfault.com/q/805333/37681

    – HBruijn
    6 hours ago











  • Mysql database can be configured to allow direct remote access without need to provide SSH access. Malicious developer can add backdoor while having any access level though... (Backup is your friend)

    – Anubioz
    6 hours ago












  • @Anubioz If a MySQL (and PHP) upgrade is required, as appears to be the case, mere access to run SQL queries won't be sufficient.

    – ceejayoz
    5 hours ago











  • @ceejayoz I considered the MySQL/PHP versions already to be upgraded on the host for the developer to fix compatability issues with the web app itself (since updating OS for latest software version otherwise might be non-trivial task, usually unsuited for them ))

    – Anubioz
    5 hours ago













2












2








2








N00b here - I'm upgrading my website so that it isn't using a depreciated version of MySql/ PHP. I'm not comfortable enough with the code so I'm using an outside developer.



Due to this being database related I they will need SSH access ... which scares me.



I'm mostly worried about this developer accessing or downloading files that they don't need/I don't want them to. Are there activity logs when using SSH that shows what files were accessed? Is there a way to delete the logs?



I appreciate any thoughts!






ssh logging







share|improve this question







New contributor




Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












N00b here - I'm upgrading my website so that it isn't using a depreciated version of MySql/ PHP. I'm not comfortable enough with the code so I'm using an outside developer.



Due to this being database related I they will need SSH access ... which scares me.



I'm mostly worried about this developer accessing or downloading files that they don't need/I don't want them to. Are there activity logs when using SSH that shows what files were accessed? Is there a way to delete the logs?



I appreciate any thoughts!






ssh logging




ssh logging






share|improve this question







New contributor




Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question







New contributor




Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question






New contributor




Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 6 hours ago









Roberto FrinkRoberto Frink

111




111




New contributor




Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Roberto Frink is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 3





    Someone with root access can do basically anything, including covering virtually any tracks they might leave. If you don't have an existing reputable contact (preferably a firm, and preferably in a jurisdiction you can go after in something like small claims court), you may be better off setting up a new server, contracting them to do any development work on the codebase to bring it up to modern PHP (thus controlling what you provide them with), and installing it yourself on the new server. Even there, there's a risk of back-doors.

    – ceejayoz
    6 hours ago






  • 2





    Is your developer expected to do the system upgrade for you? If so they will probably need sysadmin level acces and then they can do anything and everything. But for inspiration see this Q&A of mine: serverfault.com/q/805333/37681

    – HBruijn
    6 hours ago











  • Mysql database can be configured to allow direct remote access without need to provide SSH access. Malicious developer can add backdoor while having any access level though... (Backup is your friend)

    – Anubioz
    6 hours ago












  • @Anubioz If a MySQL (and PHP) upgrade is required, as appears to be the case, mere access to run SQL queries won't be sufficient.

    – ceejayoz
    5 hours ago











  • @ceejayoz I considered the MySQL/PHP versions already to be upgraded on the host for the developer to fix compatability issues with the web app itself (since updating OS for latest software version otherwise might be non-trivial task, usually unsuited for them ))

    – Anubioz
    5 hours ago












  • 3





    Someone with root access can do basically anything, including covering virtually any tracks they might leave. If you don't have an existing reputable contact (preferably a firm, and preferably in a jurisdiction you can go after in something like small claims court), you may be better off setting up a new server, contracting them to do any development work on the codebase to bring it up to modern PHP (thus controlling what you provide them with), and installing it yourself on the new server. Even there, there's a risk of back-doors.

    – ceejayoz
    6 hours ago






  • 2





    Is your developer expected to do the system upgrade for you? If so they will probably need sysadmin level acces and then they can do anything and everything. But for inspiration see this Q&A of mine: serverfault.com/q/805333/37681

    – HBruijn
    6 hours ago











  • Mysql database can be configured to allow direct remote access without need to provide SSH access. Malicious developer can add backdoor while having any access level though... (Backup is your friend)

    – Anubioz
    6 hours ago












  • @Anubioz If a MySQL (and PHP) upgrade is required, as appears to be the case, mere access to run SQL queries won't be sufficient.

    – ceejayoz
    5 hours ago











  • @ceejayoz I considered the MySQL/PHP versions already to be upgraded on the host for the developer to fix compatability issues with the web app itself (since updating OS for latest software version otherwise might be non-trivial task, usually unsuited for them ))

    – Anubioz
    5 hours ago







3




3





Someone with root access can do basically anything, including covering virtually any tracks they might leave. If you don't have an existing reputable contact (preferably a firm, and preferably in a jurisdiction you can go after in something like small claims court), you may be better off setting up a new server, contracting them to do any development work on the codebase to bring it up to modern PHP (thus controlling what you provide them with), and installing it yourself on the new server. Even there, there's a risk of back-doors.

– ceejayoz
6 hours ago





Someone with root access can do basically anything, including covering virtually any tracks they might leave. If you don't have an existing reputable contact (preferably a firm, and preferably in a jurisdiction you can go after in something like small claims court), you may be better off setting up a new server, contracting them to do any development work on the codebase to bring it up to modern PHP (thus controlling what you provide them with), and installing it yourself on the new server. Even there, there's a risk of back-doors.

– ceejayoz
6 hours ago




2




2





Is your developer expected to do the system upgrade for you? If so they will probably need sysadmin level acces and then they can do anything and everything. But for inspiration see this Q&A of mine: serverfault.com/q/805333/37681

– HBruijn
6 hours ago





Is your developer expected to do the system upgrade for you? If so they will probably need sysadmin level acces and then they can do anything and everything. But for inspiration see this Q&A of mine: serverfault.com/q/805333/37681

– HBruijn
6 hours ago













Mysql database can be configured to allow direct remote access without need to provide SSH access. Malicious developer can add backdoor while having any access level though... (Backup is your friend)

– Anubioz
6 hours ago






Mysql database can be configured to allow direct remote access without need to provide SSH access. Malicious developer can add backdoor while having any access level though... (Backup is your friend)

– Anubioz
6 hours ago














@Anubioz If a MySQL (and PHP) upgrade is required, as appears to be the case, mere access to run SQL queries won't be sufficient.

– ceejayoz
5 hours ago





@Anubioz If a MySQL (and PHP) upgrade is required, as appears to be the case, mere access to run SQL queries won't be sufficient.

– ceejayoz
5 hours ago













@ceejayoz I considered the MySQL/PHP versions already to be upgraded on the host for the developer to fix compatability issues with the web app itself (since updating OS for latest software version otherwise might be non-trivial task, usually unsuited for them ))

– Anubioz
5 hours ago





@ceejayoz I considered the MySQL/PHP versions already to be upgraded on the host for the developer to fix compatability issues with the web app itself (since updating OS for latest software version otherwise might be non-trivial task, usually unsuited for them ))

– Anubioz
5 hours ago










2 Answers
2






active

oldest

votes


















4














In a password protected area you can install for instance https://www.adminer.org/ or https://www.phpmyadmin.net/ to allow someone access to the database without giving them SSH access, but that won't allow them to upgrade the OS for you.



Almost regardless of how much you trust the developer, make a good backup beforehand of your system, settings and data.






share|improve this answer























  • Awesome, thanks for the tips! My biggest fear is that there are around 100GB of proprietary/ trade secret documents in one directory that I don't want the developer downloading. Is there a way to temporary move that folder to somewhere they can't access? Realistically the code changes should only take a few hours so I suppose I could just download the entire folder and delete it from the server. Then upload it again after the fact. But is there an easier way than that?

    – Roberto Frink
    6 hours ago











  • Frankly, if you've got 100 GB of trade secrets on an out-of-support PHP server, I'd worry less about a particular developer and more about the rest of the Internet. Taking them off the server ASAP would be a good step either way.

    – ceejayoz
    5 hours ago











  • Thanks! That is a very astute point @ceejayoz

    – Roberto Frink
    5 hours ago



















2














No, you're allowing someone you don't trust to have root access to your servers. which means they can install a rat in the system or mess with it. you can log files accessed and permissions by creating an account and pass for the person but since he will need root access he can log in and then start deleting your monitoring system. which leaves you to square one. i suggest hire a firm that has reputation. hiring a single person from a craigslist ad would be asking for trouble.






share|improve this answer

























  • Thanks! The developer would actually be from the company that made the specific platform I need updating. However, they are located in a different country where legal action would be unlikely which is what worries me most. But I think I am being overly paranoid.

    – Roberto Frink
    5 hours ago












  • my advice is just make a backup copy of the system before access. that way you can restore if there's any issues.

    – user3897632
    4 hours ago











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Roberto Frink is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f963175%2fbest-practices-for-giving-outside-developer-ssh-access%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes









4














In a password protected area you can install for instance https://www.adminer.org/ or https://www.phpmyadmin.net/ to allow someone access to the database without giving them SSH access, but that won't allow them to upgrade the OS for you.



Almost regardless of how much you trust the developer, make a good backup beforehand of your system, settings and data.






share|improve this answer























  • Awesome, thanks for the tips! My biggest fear is that there are around 100GB of proprietary/ trade secret documents in one directory that I don't want the developer downloading. Is there a way to temporary move that folder to somewhere they can't access? Realistically the code changes should only take a few hours so I suppose I could just download the entire folder and delete it from the server. Then upload it again after the fact. But is there an easier way than that?

    – Roberto Frink
    6 hours ago











  • Frankly, if you've got 100 GB of trade secrets on an out-of-support PHP server, I'd worry less about a particular developer and more about the rest of the Internet. Taking them off the server ASAP would be a good step either way.

    – ceejayoz
    5 hours ago











  • Thanks! That is a very astute point @ceejayoz

    – Roberto Frink
    5 hours ago
















4














In a password protected area you can install for instance https://www.adminer.org/ or https://www.phpmyadmin.net/ to allow someone access to the database without giving them SSH access, but that won't allow them to upgrade the OS for you.



Almost regardless of how much you trust the developer, make a good backup beforehand of your system, settings and data.






share|improve this answer























  • Awesome, thanks for the tips! My biggest fear is that there are around 100GB of proprietary/ trade secret documents in one directory that I don't want the developer downloading. Is there a way to temporary move that folder to somewhere they can't access? Realistically the code changes should only take a few hours so I suppose I could just download the entire folder and delete it from the server. Then upload it again after the fact. But is there an easier way than that?

    – Roberto Frink
    6 hours ago











  • Frankly, if you've got 100 GB of trade secrets on an out-of-support PHP server, I'd worry less about a particular developer and more about the rest of the Internet. Taking them off the server ASAP would be a good step either way.

    – ceejayoz
    5 hours ago











  • Thanks! That is a very astute point @ceejayoz

    – Roberto Frink
    5 hours ago














4












4








4







In a password protected area you can install for instance https://www.adminer.org/ or https://www.phpmyadmin.net/ to allow someone access to the database without giving them SSH access, but that won't allow them to upgrade the OS for you.



Almost regardless of how much you trust the developer, make a good backup beforehand of your system, settings and data.






share|improve this answer













In a password protected area you can install for instance https://www.adminer.org/ or https://www.phpmyadmin.net/ to allow someone access to the database without giving them SSH access, but that won't allow them to upgrade the OS for you.



Almost regardless of how much you trust the developer, make a good backup beforehand of your system, settings and data.







share|improve this answer












share|improve this answer



share|improve this answer










answered 6 hours ago









HBruijnHBruijn

56.5k1190150




56.5k1190150












  • Awesome, thanks for the tips! My biggest fear is that there are around 100GB of proprietary/ trade secret documents in one directory that I don't want the developer downloading. Is there a way to temporary move that folder to somewhere they can't access? Realistically the code changes should only take a few hours so I suppose I could just download the entire folder and delete it from the server. Then upload it again after the fact. But is there an easier way than that?

    – Roberto Frink
    6 hours ago











  • Frankly, if you've got 100 GB of trade secrets on an out-of-support PHP server, I'd worry less about a particular developer and more about the rest of the Internet. Taking them off the server ASAP would be a good step either way.

    – ceejayoz
    5 hours ago











  • Thanks! That is a very astute point @ceejayoz

    – Roberto Frink
    5 hours ago


















  • Awesome, thanks for the tips! My biggest fear is that there are around 100GB of proprietary/ trade secret documents in one directory that I don't want the developer downloading. Is there a way to temporary move that folder to somewhere they can't access? Realistically the code changes should only take a few hours so I suppose I could just download the entire folder and delete it from the server. Then upload it again after the fact. But is there an easier way than that?

    – Roberto Frink
    6 hours ago











  • Frankly, if you've got 100 GB of trade secrets on an out-of-support PHP server, I'd worry less about a particular developer and more about the rest of the Internet. Taking them off the server ASAP would be a good step either way.

    – ceejayoz
    5 hours ago











  • Thanks! That is a very astute point @ceejayoz

    – Roberto Frink
    5 hours ago

















Awesome, thanks for the tips! My biggest fear is that there are around 100GB of proprietary/ trade secret documents in one directory that I don't want the developer downloading. Is there a way to temporary move that folder to somewhere they can't access? Realistically the code changes should only take a few hours so I suppose I could just download the entire folder and delete it from the server. Then upload it again after the fact. But is there an easier way than that?

– Roberto Frink
6 hours ago





Awesome, thanks for the tips! My biggest fear is that there are around 100GB of proprietary/ trade secret documents in one directory that I don't want the developer downloading. Is there a way to temporary move that folder to somewhere they can't access? Realistically the code changes should only take a few hours so I suppose I could just download the entire folder and delete it from the server. Then upload it again after the fact. But is there an easier way than that?

– Roberto Frink
6 hours ago













Frankly, if you've got 100 GB of trade secrets on an out-of-support PHP server, I'd worry less about a particular developer and more about the rest of the Internet. Taking them off the server ASAP would be a good step either way.

– ceejayoz
5 hours ago





Frankly, if you've got 100 GB of trade secrets on an out-of-support PHP server, I'd worry less about a particular developer and more about the rest of the Internet. Taking them off the server ASAP would be a good step either way.

– ceejayoz
5 hours ago













Thanks! That is a very astute point @ceejayoz

– Roberto Frink
5 hours ago






Thanks! That is a very astute point @ceejayoz

– Roberto Frink
5 hours ago














2














No, you're allowing someone you don't trust to have root access to your servers. which means they can install a rat in the system or mess with it. you can log files accessed and permissions by creating an account and pass for the person but since he will need root access he can log in and then start deleting your monitoring system. which leaves you to square one. i suggest hire a firm that has reputation. hiring a single person from a craigslist ad would be asking for trouble.






share|improve this answer

























  • Thanks! The developer would actually be from the company that made the specific platform I need updating. However, they are located in a different country where legal action would be unlikely which is what worries me most. But I think I am being overly paranoid.

    – Roberto Frink
    5 hours ago












  • my advice is just make a backup copy of the system before access. that way you can restore if there's any issues.

    – user3897632
    4 hours ago















2














No, you're allowing someone you don't trust to have root access to your servers. which means they can install a rat in the system or mess with it. you can log files accessed and permissions by creating an account and pass for the person but since he will need root access he can log in and then start deleting your monitoring system. which leaves you to square one. i suggest hire a firm that has reputation. hiring a single person from a craigslist ad would be asking for trouble.






share|improve this answer

























  • Thanks! The developer would actually be from the company that made the specific platform I need updating. However, they are located in a different country where legal action would be unlikely which is what worries me most. But I think I am being overly paranoid.

    – Roberto Frink
    5 hours ago












  • my advice is just make a backup copy of the system before access. that way you can restore if there's any issues.

    – user3897632
    4 hours ago













2












2








2







No, you're allowing someone you don't trust to have root access to your servers. which means they can install a rat in the system or mess with it. you can log files accessed and permissions by creating an account and pass for the person but since he will need root access he can log in and then start deleting your monitoring system. which leaves you to square one. i suggest hire a firm that has reputation. hiring a single person from a craigslist ad would be asking for trouble.






share|improve this answer















No, you're allowing someone you don't trust to have root access to your servers. which means they can install a rat in the system or mess with it. you can log files accessed and permissions by creating an account and pass for the person but since he will need root access he can log in and then start deleting your monitoring system. which leaves you to square one. i suggest hire a firm that has reputation. hiring a single person from a craigslist ad would be asking for trouble.







share|improve this answer














share|improve this answer



share|improve this answer








edited 5 hours ago









ceejayoz

27.1k66392




27.1k66392










answered 5 hours ago









user3897632user3897632

224




224












  • Thanks! The developer would actually be from the company that made the specific platform I need updating. However, they are located in a different country where legal action would be unlikely which is what worries me most. But I think I am being overly paranoid.

    – Roberto Frink
    5 hours ago












  • my advice is just make a backup copy of the system before access. that way you can restore if there's any issues.

    – user3897632
    4 hours ago

















  • Thanks! The developer would actually be from the company that made the specific platform I need updating. However, they are located in a different country where legal action would be unlikely which is what worries me most. But I think I am being overly paranoid.

    – Roberto Frink
    5 hours ago












  • my advice is just make a backup copy of the system before access. that way you can restore if there's any issues.

    – user3897632
    4 hours ago
















Thanks! The developer would actually be from the company that made the specific platform I need updating. However, they are located in a different country where legal action would be unlikely which is what worries me most. But I think I am being overly paranoid.

– Roberto Frink
5 hours ago






Thanks! The developer would actually be from the company that made the specific platform I need updating. However, they are located in a different country where legal action would be unlikely which is what worries me most. But I think I am being overly paranoid.

– Roberto Frink
5 hours ago














my advice is just make a backup copy of the system before access. that way you can restore if there's any issues.

– user3897632
4 hours ago





my advice is just make a backup copy of the system before access. that way you can restore if there's any issues.

– user3897632
4 hours ago










Roberto Frink is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















Roberto Frink is a new contributor. Be nice, and check out our Code of Conduct.












Roberto Frink is a new contributor. Be nice, and check out our Code of Conduct.











Roberto Frink is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Server Fault!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f963175%2fbest-practices-for-giving-outside-developer-ssh-access%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Can not update quote_id field of “quote_item” table magento 2Magento 2.1 - We can't remove the item. (Shopping Cart doesnt allow us to remove items before becomes empty)Add value for custom quote item attribute using REST apiREST API endpoint v1/carts/cartId/items always returns error messageCorrect way to save entries to databaseHow to remove all associated quote objects of a customer completelyMagento 2 - Save value from custom input field to quote_itemGet quote_item data using quote id and product id filter in Magento 2How to set additional data to quote_item table from controller in Magento 2?What is the purpose of additional_data column in quote_item table in magento2Set Custom Price to Quote item magento2 from controller

Image
What's the in-universe reasoning behind sorcerers needing material components? What killed these X2 caps? Why is consensus so controversial in Britain? CAST throwing error when run in stored procedure but not when run as raw query Assassin's bullet with mercury Why do bosons tend to occupy the same state? Ambiguity in the definition of entropy What does the expression "A Mann!" means Is it logically or scientifically possible to artificially send energy to the body? Do scales need to be in alphabetical order? Is there an expression that means doing something right before you will need it rather than doing it in case you might need it? Is it possible to create a QR code using text? Should I tell management that I intend to leave due to bad software development practices? Why no variance term in Bayesian logistic regression? How badly should I try to prevent a user from XSSing themselves? I would say: "You are another teacher", bu
Read more

Magento 2 disable Secret Key on URL's from terminal The Next CEO of Stack OverflowMagento 2 Shortcut/GUI tool to perform commandline tasks for windowsIn menu add configuration linkMagento oAuth : Generating access token and access secretMagento 2 security key issue in Third-Party API redirect URIPublic actions in admin controllersHow to Disable Cache in Custom WidgetURL Key not changing in Magento 2Product URL Key gets deleted when importing custom options - Magento 2Problem with reindex terminalMagento 2 - bin/magento Commands not working in Cpanel Terminal

Image
How to travel Japan while expressing milk? Is it correct to say moon starry nights? What exactly is ineptocracy? Is it a bad idea to plug the other end of ESD strap to wall ground? Is it OK to decorate a log book cover? logical reads on global temp table, but not on session-level temp table What did the word "leisure" mean in late 18th Century usage? How can I separate the number from the unit in argument? Is it possible to make a 9x9 table fit within the default margins? Can a PhD from a non-TU9 German university become a professor in a TU9 university? A hang glider, sudden unexpected lift to 25,000 feet altitude, what could do this? Does int main() need a declaration on C++? Is there a rule of thumb for determining the amount one should accept for a settlement offer? Why did early computer designers eschew integers? Early programmable calculators with RS-232 What does this strange code stamp on my passport mean? Why does the freezing point ma
Read more

Aasi (pallopeli) Navigointivalikko

PallopelitLeikit pallolla Aasi on yksinkertainen pallolla pelattava pallopeli, joka toimii lasten ja nuorten ajanvietteenä. Peliin tarvitaan pallo ja kolme pelaajaa. Kaksi pelaajaa ovat kaukana toisistaan (noin 10m) ja kolmas pelaaja on heidän keskellään. Kaukaisimmat pelaajat heittelevät palloa keskenään, ja keskimmäinen pelaaja, aasi, yrittää siepata pallon itselleen. Jos aasi saa pallon kiinni, hän pääsee sen pelaajan paikalle joka heitti pallon. Tämä peli esiintyy myös nimillä Piimä , Mummonkiusaus ja Kala . lähde? Aasi on myös nimitys toiselle pallopelille. Peliin tarvitaan vähintään kaksi pelaajaa sekä pallo. Pelaajat päättävät järjestyksen, jossa pelaajat potkaisevat palloa jotain päin (esim. seinää). Kukin pelaaja potkaisee vuorollaan palloa, ja häviäjä on se, joka saa ensin sanan AASI. Kirjaimia saa sillä, että osuu palloon potkaisun jälkeen. Esim. Ville, Heikki ja Kalle pelaavat aasia. Ville potkaisee palloa, ja sitten on Heikin vuoro, mutta Ville osuu palloon ennen kuin
Read more