User story #7986
closed
User story #6363: Secure agent/server communication
Make copying the tools encrypted again
Added by Janos Mattyasovszky about 8 years ago.
Updated about 6 years ago.
Category:
System techniques
Description
From a point of security it would be recommended to also encrypt the copy-progress of the tools.
This was changed in #7644 by:
https://github.com/Normation/rudder-techniques/commit/924bde1d#diff-54497584de9934e14ae1d1d338b27e04L79
Regarding it being open-source: It would theoretically allow examination of which version of tools the whole environment is using just by examining the network traffic by MITM, use that to determine which version of rudder you are using, and with that information find a vulnerability, that could serve as an attack vector.
It would make more sense to just create a different copy_from body that differs from remote by enabling preserve=true, just like there is a remote_unsecured_without_perms, this could be remote_with_perms...
- Assignee set to Benoît PECCATTE
Benoit, could you take a look to that?
Thinking a little more about that, isn't there a risk to let the attacker gain a huge information by letting he knows what exactly is encrypted on a communication (i.e a kind of known plain text attack ?). Not sure it is even remotly relevant, and what is more likelly (seems that your concern is more likelly than mine), just wanted to track it here.
Why not but this could have an impact on low end nodes likes raspberry pi.
The better solution would be to make this an option.
Making it an option in system technique is possible.
Making it an option in initial promises must wait a later release when both are merged.
The tools do not change IMHO that often that it would make a huge difference... And it was just changed to unencrypted to solve a completely unrelated issue.
- Related to Bug #8159: Do not backup modified promise files and encrypt ncf/local transfer added
- Tracker changed from Bug to User story
- Parent task set to #6363
- Target version set to 3.1.25
This does not exist anymore with 4.1+ servers (where TLS is used for everything).
- Target version changed from 3.1.25 to 4.1.9
- Target version changed from 4.1.9 to 4.1.10
- Status changed from New to Rejected
This does not exist anymore with 4.1+ servers (where TLS is used for everything).
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by