Hub data security

[MikeBeller]

Hi

My name is Mike Beller and I'm looking into applying planetary computer to analyzing forestry projects in the developing world. Kudos on setting this all up. I had previously set up my own crude pangeo/dask arrangement on AWS, and the PC Hub is just better integrated and easier to use.

Particularly given planetary computer is designated as a kind of preview -- I would like to confirm that the data I store on planetary computer, for example in /home/joyvan on my Hub account, is subject to the same security that any azure instance would be. Can I safely put my github (encryped) private keys up there, for example? And on a related note, can I SSH to the hub instance itself? If so, how?

Thanks

Mike

[TomAugspurger]

Hi @MikeBeller! I think https://jupyterhub.readthedocs.io/en/stable/reference/websecurity.html#security-overview and https://jupyterhub.readthedocs.io/en/stable/getting-started/authenticators-users-basics.html#give-admin-access-to-other-users-notebook-servers-admin-access. In particular, admin JupyterHub users can access the home directories of users.

Currently, that's just me (https://github.com/microsoft/planetary-computer-hub/blob/a6fb07cc9e84f6eddcf0702cc427f31b1106017c/helm/values.yaml#L22-L26). I might disable that, since I don't think I need it, but you shouldn't rely on it not changing (I can deploy changes from outside of GitHub).

I hope that helps you make decision, but personally I would recommend against including plain-text secrets anywhere in your home directory.

And on a related note, can I SSH to the hub instance itself? If so, how?

We do not currently allow that. There is a project to enable that (https://github.com/yuvipanda/jupyterhub-ssh) but we haven't implemented that. Can you share a bit about why SSH-ing into a hub instance would be helpful?

[MikeBeller]

Thanks Tom. I guess the reason for asking about ssh is that it gives me a reasonably efficient way to avoid having github keys up there. Right now when I make changes in a notebook on the Jupyter Hub and want to do a commit, I "download notebook" from the Jupyter Hub GUI to a local repo, and do the git commit locally. If I had ssh access to the Jupyter Hub, I would use rsync (via ssh from my local machine) to sync all remote changes back down to a local git repo, and then do the commit locally again. And ssh would only require my public key to be up there in the authorized_keys. No private keys at all. There are probably other solutions of course -- so I was just asking what was possible.

Mike

[TomAugspurger]

Understood, thanks. I agree that the current workflow around git repositories is awkward.

Occasionally when I'm working on version-controlled materials that will go to GitHub, I access a Hub notebook server from VS Code (https://planetarycomputer.microsoft.com/docs/overview/ui-vscode/). This lets you use a remote Jupyter kernel on local files. I believe that other editors like emacs have support for remote execution of notebooks, but I'm not as familiar with out to set that up. It's not as nice as the workflow you have in mind, but might be an option until we have a better JupyterHub / GitHub integration sorted out.

[MikeBeller]

Thanks Tom. That sounds like it could be a good solution for now. I will give it a try.
Cheers
Mike