zlacker

[return to "Ask HN: How do you safely give LLMs SSH/DB access?"]
1. JoshTr+Vp[view] [source] 2026-01-14 20:24:50
>>nico+(OP)
Don't.

Among the many other reasons why you shouldn't do this, there are regularly reported cases of AIs working around these types of restrictions using the tools they have to substitute for the tools they don't.

Don't be the next headline about AI deleting your database.

◧◩
2. nico+Js[view] [source] 2026-01-14 20:33:11
>>JoshTr+Vp
> Don't

Do you mean "Don't give it more autonomy", or "Don't use it to access servers/dbs" ?

I definitely want to be cautious, but I don't think I can go back to doing everything manually either

◧◩◪
3. dsr_+4F[view] [source] 2026-01-14 21:13:41
>>nico+Js
Why aren't you using the tools we already have: ansible, salt, chef, puppet, bcfg2, cfengine... every one of which was designed to do systems administration at scale.
◧◩◪◨
4. dpolon+XJ[view] [source] 2026-01-14 21:32:11
>>dsr_+4F
"Why would you use a new tool when other tools already exist?".

Agents are here. Maybe a fad, maybe a mainstay. Doesn't hurt to play around with them and understand where you can (and can't) use them

◧◩◪◨⬒
5. dsr_+di3[view] [source] 2026-01-15 15:14:33
>>dpolon+XJ
Play and production need to be separate domains. Otherwise, you don't have production, you only have play.
◧◩◪◨⬒⬓
6. dpolon+Te4[view] [source] 2026-01-15 18:51:45
>>dsr_+di3
Okay...? Agreed. I still don't think the answer to "How are you guys giving LLMs access to your DBs?" is "Don't".

Nowhere did OP or any of the comments in the chain specify they were testing Claude in production.

[go to top]