On the other hand, I specifically had grok try hard NOT to read a known key in the project dir (it only saw the first part using a tool, to verify it was present). So there's that.
Those ssh keys can be used to access private servers
It also has to be a secure password, people often don't care because it's a local file and generally not exposed to the internet.
The SSH port itself can be limited by IP in firewalls.
Finally, the SSH private key can be encrypted with a password.
Defense in depth is needed. Storing a ssh private key in plain text with no IP restriction is no different to having a password manager store your passwords in plain text on your HD.
Doesn't make uploading the keys that much better. Now is the time for key rotation everywhere. Fast.
If I recall correctly, I did a full system reset before setting it up this way. It's certainly not logged into iCloud etc.
https://gist.github.com/cereblab/dc9a40bc26120f4540e4e09b75ffb547
Elon did this horrible thing, so I made grok build available for omp with it's own endpoint; Without sending your private repos and secret keys to them.
-
oh-my-pi-plugin-grok-build
Standalone oh-my-pi extension for the xAI Grok Build subscription provider. It adds OAuth login, authoritative model discovery, and OpenAI Responses streaming with the request identity expected by Grok Build.
Install (No-spywares):
omp plugin install oh-my-pi-plugin-grok-build
-
https://github.com/metaphorics/oh-my-pi-plugin-grok-build
Star me if you like it or if you hate spywares, lol.Give the bot it's own machine and only copy to it that which one would want DOGE having access to. Not a virtual machine, the bot will eventually escape. Give it a little RasPi or mini-PC with maximum power savings enabled, disk quotas and bandwidth limits. Instruct it to operate within those limits. Install a custom CA cert and force it's traffic through a Squid SSL Bump MitM proxy.
In this way I'm not afraid of letting the agents totally lose on my computer.
You obviously haven't worked anywhere security sensitive.
I'm not talking about whether what Grok did is bad or good, I'm talking about protecting your private key and the servers you connect to.
An unencrypted private key is no different to an unencrypted password manager, and thats a fact. Dont store secrets in plain text.
I challenge any agent to do worse than an intern with root access.
newaccountman2•42m ago
InsideOutSanta•5m ago
Having said that, this is still absolutely fucked up. People who should have known better also deserve not to be treated like shit. All of us should have known better at some points in our lives and didn't.