So who is Eric ?

7 posts / 0 new
Last post
#1 Thu, 10/30/2008 - 14:16
sgrayban

So who is Eric ?

Reading http://www.virtualmin.com/forums/news/virtualmin-support-module.html I see someone called Eric has access to private bug reports and to servers with that new module if people use it.

However I do not know this Eric nor has he or Joe/Jamie ever introduced him and what his role is here.

I have know Joe and Jamie for years and trust them completely but to know that someone else could have access to any of my clients servers or mine does make me wonder who this guy is.

Thu, 10/30/2008 - 15:33
Joe
Joe's picture

Hey Scott,

Eric Andreychek is user andreychek here in the forums. He's been a friend of Virtualmin, Webmin, and Usermin (and Jamie and I) for many years, and a regular contributor on the mailing lists and here in the forums. He's a Perl and JavaScript developer, as well, and has been involved in Open Source development for quite some time. He was also a very early economic and bugfix contributor to Virtualmin in its infancy, so he's been around the project almost as long as Jamie and I.

Officially, he is a part-time employee providing support for Virtualmin Professional customers, though he's also doing some other non-support work with us, and he also takes part on a voluntary basis, as well, as he genuinely enjoys working with Virtualmin and uses it in his own day-to-day work (and we don't have the budget to keep him on the clock more than he currently is). We trust him with our own servers. He has SVN commit access to several components of Virtualmin, for example, as well as administrative access to most parts of the website.

As we grow, we will be hiring additional folks to help out with support, as well as development. Hopefully, we'll be able to hire people we've known for a long time, as with Eric, because we do not take our role of having "root" on customers servers lightly. The new support module is designed to make this process more secure: in the past, folks who didn't know how to install a public key would usually just send us a password via email, which is obviously more dangerous. Public keys are the safest way to allow someone access to your server.

If you'd like to get to know Eric a little better before trusting him with access to your systems, but you still need some personal involvement by us, you can still specifically install <i>my</i> public key from the same location it's always been ( http://software.virtualmin.com/lib/authorized_keys ) and not grant Jamie or Eric access (Jamie's public key is not posted in public that I'm aware of...not very public, eh?). You'll see him around the forums and bug tracker most days, though he is only officially working for us a few hours per week.

Also, Eric's a really nice guy. Much nicer than me, for example. He also does cool and interesting things, like put together low-cost conferences for his local Linux and Open Source users group. You'll like him once you get to know him.

Anyway, you're right, I should have mentioned that we'd hired him when we put him on the payroll a few months ago, and intended to, but it was a hectic time (one of the reasons we hired him--I was overwhelmed, and he's done a great job taking some of that pressure off so I can get new development done, rather than just answering questions all day every day--things like the new website had been stewing for months and never got anywhere close to completion...but now I'm making very steady progress on it, which I know you'll be happy to know about, since it means a new bug tracker and forums, in particular).

Hope this answers your questions?

--

Check out the forum guidelines!

Thu, 10/30/2008 - 15:43 (Reply to #2)
sgrayban

Does Eric have anything to add to this?

As for the module may suggest adding a check box for the key(s) to add then instead of all ?

Thu, 10/30/2008 - 16:12 (Reply to #3)
Joe
Joe's picture

<div class='quote'>Does Eric have anything to add to this?</div>

I dunno. I guess we'll find out. ;-)

What kind of addition did you have in mind?

<div class='quote'>As for the module may suggest adding a check box for the key(s) to add then instead of all ?</div>

I think that would just unnecessarily complicate the UI, and confuse people. Most of our customers don't really know me or Jamie, either, we're just anonymous dudes who work at some company called Virtualmin. Since Eric is sometimes a customers first human interaction with Virtualmin, Inc. he's often the person they know and trust--I'm just some dude asking to login to their server (I was surprised the first time this happened and the customer emailed Eric with the login details even though I was the one wanting to see the problem, but, I'm over it now).

The point of the module is to be there when people don't know what to do--we don't want to make it harder by adding more options. As you know, just about everywhere else in Virtualmin there are options for everything...that flexibility is a strength, but it can also be very intimidating. So, the support module should be a respite from that complexity and flexibility--it's got one job (get the user some help as fast as possible) and should do it very simply. Asking more questions, and implying that the end user should know who they can &quot;trust&quot;, is not a good way to achieve that. We won't insist that you use it...there are other ways to grant us access, on the very rare occasions that it is needed, and other ways to file tickets.

BTW, granting specific access can be done very simply, in most cases...if there are no authorized_keys yet, you can get there by typing:

cd /root/.ssh
wget http://software.virtualmin.com/lib/authorized_keys

Or, if there are keys already installed:

cd /root
wget http://software.virtualmin.com/lib/authorized_keys
cat authorized_keys &gt;&gt; .ssh/authorized_keys
rm authorized_keys

Of course, this means I'm the only person that can do anything to help solve the problem. When all three of us can jump in and get things resolved, problems get resolved a lot faster...which is the whole point of the module: To get problems resolved faster.

Hope that all makes sense?

--

Check out the forum guidelines!

Thu, 10/30/2008 - 16:26 (Reply to #4)
sgrayban

Well I just wanted to hear what Eric had to say about his skills and what he has done personally when it comes to the code of webmin and virtualmin. Something to make me feel at ease *if* he should ever work on any of my servers I control.

Another thing I get overly worried about is confidentiality especially when it comes to my servers. I know I have nothing to worry about with you or Jamie only because I have known you guys for like 8-9 years now. You may know him but all I know about him is a few answers on the bug and forum but even when he answers here his role is just a user and not admin like you so its a bit confusing.

Thu, 10/30/2008 - 16:47 (Reply to #5)
andreychek

Well, Joe did a pretty good job ;-)

Is there anything you'd like to know?

I do a variety of goodies with Linux and Perl, I enjoy helping folks, and I try not to take myself too seriously :-)

Joe's right, I was one of the organizers for an Open Source conference we held in Pennsylvania, we had a great time! Around 100 Open Source enthusiasts came out to hear 18 speakers on a variety of fun topics.

Oh, and I received second place in the 2001 Perl Poetry contest with a Perl port of &quot;Jabberwocky&quot; :-)

http://www.perlmonks.org/?node_id=111157

The guy who placed first was the one who created that slick looking camel t-shirt available at ThinkGeek. I don't mind losing to the best :-)

Why should you trust me on servers belonging to you and your customers?

I won't ramble on with some sort of list of qualifications, I'll leave that for the MCSE's :-)

Simply, you shouldn't trust anyone you don't know telling you to trust them with root on your system.

What you have to go on, in this case, is that Joe and Jamie wouldn't get just anyone to help them out. So you're trusting their judgment.

That, and I write Perl poetry for fun :-)
-Eric

Thu, 10/30/2008 - 17:03 (Reply to #6)
sgrayban

ok

Topic locked