Secure Collaboration: Work in Your Environment Without SSH

Originally published at orquesta.live/blog/secure-collaboration-work-without-ssh

Effective collaboration in software development often demands a delicate balance between accessibility and security. Traditionally, granting team members access to your development environment necessitated sharing SSH keys or exposing sensitive infrastructure details. However, with Orquesta, we've crafted a new paradigm: enabling others to contribute securely without ever gaining direct access.

The Traditional Model: SSH and Its Pitfalls

In the conventional setup, granting access to others involves sharing SSH keys. While this provides the necessary access for collaboration, it also opens up several security concerns:

• Security Risks: Sharing SSH keys or credentials can potentially expose your system to unauthorized access if keys are mismanaged.
• Limited Control: Once access is granted, controlling actions becomes difficult. You must trust that users will adhere to guidelines and not inadvertently interfere with your environment.
• Audit Challenges: Monitoring what each user does can be cumbersome, often requiring advanced logging mechanisms and manual audits.

Recognizing these limitations, we designed Orquesta to enable safe and efficient collaboration without these downsides.

The Orquesta Approach: Agent-Based Collaboration

Orquesta redefines collaboration by allowing you to invite collaborators who can submit prompts through a web dashboard. Here's how it works:

1. Install the Local Agent: Deploy the Orquesta agent on your infrastructure. This agent runs locally, ensuring that your code and data never leave your environment.
2. Invite Collaborators: Use the Orquesta platform to invite team members. They can be developers, testers, or any stakeholders involved in your project.
3. Submit Prompts: Collaborators submit prompts from a user-friendly dashboard. This intuitive interface allows them to propose changes, request deployments, or perform other actions without touching your infrastructure directly.

Security and Isolation

The Orquesta model offers unparalleled security:

• No SSH Access: Collaborators never see your SSH credentials or have direct shell access to your systems.
• Role-Based Permissions: Assign roles to collaborators to define what actions they can perform, ensuring precise control over the collaboration process.
• AES-256 Encryption: All interactions and data exchanges are encrypted, protecting against interception and unauthorized access.

Real-Time Transparency with Agent Grid

Orquesta's Agent Grid provides a real-time view of all agent activities. It's like having a live terminal for each agent, allowing you to monitor:

• Prompt Submissions: See what prompts have been submitted and by whom.
• Execution Status: Track the progress of actions, from prompt submission to execution.
• Output Streams: View real-time output streams from agent executions, providing transparency and immediate insight into ongoing processes.

Here's a simple example of how a prompt submission workflow might look:

- prompt: "Deploy latest feature branch"
  action:
    - type: deploy
      branch: feature/new-feature

The above YAML snippet shows a collaborator submitting a prompt to deploy a specific branch. The agent parses this prompt and executes the necessary deployment commands locally.

Quality Control with CLAUDE.md

Every action executed by an agent is checked against coding standards defined in CLAUDE.md. This ensures consistency and quality, with real git commit actions providing an audit trail:

• Simulation Mode: Orquesta simulates proposed changes before they are executed, allowing you to validate the impact.
• Approval Workflow: Team leads can sign off on changes, adding an extra layer of scrutiny before real execution.

Seamless Integration and Flexibility

Orquesta caters to diverse environments and team sizes:

• Embed SDK: Integrate Orquesta into any web app with a single script tag, expanding its reach and utility.
• Orquesta CLI: Manage local LLMs and synchronize with your dashboard, offering flexibility in execution modes.

Conclusion: A Safer, More Efficient Collaboration Model

Orquesta's agent-based collaboration model allows teams to work together securely, without traditional SSH-based access concerns. By separating the prompt submission from direct environment interaction, we preserve the integrity and safety of your infrastructure.

Through real-time monitoring, role-based permissions, and robust encryption, Orquesta ensures that your team's collaboration efforts are both secure and effective. This approach not only simplifies teamwork but also enhances security, transparency, and control.

Embrace this new model of collaboration and redefine how your team interacts with your development environment.