Project

General

Profile

Actions

Architecture #6356

closed

User story #6589: Improve Rudder security in 3.1: Inventory signature and security, SELinux compliance

Inventory endpoint should validate agent signature

Added by Benoît PECCATTE over 9 years ago. Updated over 9 years ago.

Status:
Released
Priority:
N/A
Category:
Web - Nodes & inventories
Target version:
Effort required:
Name check:
Fix check:
Regression:

Description

The inventory endpoint should check that:
- the signature is valid
- the signature matches the key contained in the inventory
- the key matches the one currently in the ldap if there is one


Subtasks 8 (0 open8 closed)

Architecture #6506: Change send_clean to push signature along with inventoryReleasedMatthieu CERDA2015-04-16Actions
Architecture #6558: Update test in Rudder so it is ok with new inventory data modelReleasedFrançois ARMAND2015-05-05Actions
User story #6560: Display key used to sign inventory and if the Node is "Certified"ReleasedFrançois ARMAND2015-05-06Actions
Architecture #6567: Add a script to manage node keys on serverReleasedVincent MEMBRÉ2015-05-06Actions
Bug #6583: Can't validate inventory key stored with old formatReleasedNicolas CHARLES2015-05-13Actions
Bug #6584: Tests broken with wrong inventory schemaReleasedNicolas CHARLES2015-05-13Actions
Bug #6600: Cannot modify root server inventory after new installReleasedFrançois ARMAND2015-05-17Actions
Bug #6601: Remove invalid default public key for root serverReleasedFrançois ARMAND2015-05-17Actions

Related issues 2 (0 open2 closed)

Related to Rudder - Architecture #6502: Older versions of Rudder should ignore the signature fileReleasedMatthieu CERDA2015-04-13Actions
Has duplicate Rudder - User story #6250: Per-Host inventory upload keys / access restrictionsRejected2015-02-10Actions
Actions

Also available in: Atom PDF