Actions
Architecture #6186
closed
Accept node based solely on their public key
Added by Benoît PECCATTE over 9 years ago. Updated about 6 years ago.
Status:
Rejected
Priority:
N/A
Assignee:
-
Category:
Web - Config management
Target version:
Pull Request:
Effort required:
Name check:
Fix check:
Regression:
Description
Today we accept nodes using TOFU, where the first use is checked on a mix of their IP and their reverse dns.
We now have the public key of an agent declared in its inventory.
We should use this information and trust the agent based on this key.
We would then have a lot less problem related to agent refusal by the server.
And this would be more secure than the current setup.
Updated by Benoît PECCATTE about 9 years ago
- Category changed from 14 to Web - Config management
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 3.1.0~beta1 to 3.1.0~rc1
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 3.1.0~rc1 to 3.1.0
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 3.1.0 to 3.1.1
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.1 to 3.1.2
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.2 to 3.1.3
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.3 to 3.1.4
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.4 to 3.1.5
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.5 to 3.1.6
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.6 to 3.1.7
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.7 to 3.1.8
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.8 to 3.1.9
Updated by Alexis Mousset about 8 years ago
- Target version changed from 3.1.9 to 4.0.0~rc2
Updated by François ARMAND over 7 years ago
- Target version changed from 4.0.0~rc2 to 4.1.0~beta1
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.1.0~beta1 to 4.1.0~beta2
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 4.1.0~beta2 to 4.1.0~beta3
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.1.0~beta3 to 4.1.0~rc1
Updated by Benoît PECCATTE about 7 years ago
- Target version changed from 4.1.0~rc1 to 4.2.0~beta1
Updated by Alexis Mousset almost 7 years ago
- Target version changed from 4.2.0~beta1 to 4.2.0~beta2
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 4.2.0~beta2 to 4.2.0~beta3
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 4.2.0~beta3 to 4.2.0~rc1
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.2.0~rc1 to 4.2.0~rc2
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.2.0~rc2 to 4.2.0
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.2.0 to 4.2.1
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.2.1 to 4.2.2
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.2.2 to 4.2.3
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.2.3 to 4.2.4
Updated by Benoît PECCATTE about 6 years ago
- Target version changed from 4.2.4 to Ideas (not version specific)
Updated by Benoît PECCATTE about 6 years ago
- Status changed from New to Rejected
This has been done by a mix of:
- the new cfengine protocol
- inventory signature
- agent key in the inventory
Actions