[ale] ssh for automated management
Stuffed Crust
pizza at shaftnet.org
Mon Dec 20 10:40:56 EST 2004
On Sat, Dec 18, 2004 at 03:28:46PM -0500, James P. Kinney III wrote:
> ssh keys need to be installed for best security. A single distributed
> master key and a single distributed slave key, turn off host checking
> and make key authentication the only method. chroot the rsync servers.
And what happens when one of these systems is compromised? You've gotta
go change out all of the keys everywhere, and guess what, your whole
distribution mechanism is compromised. So much to doing it
automatically -- the compromised system will also get the new key.
Honestly, a system for key distribution is trivial. When every machine
is provisioned (presumably in a controlled environment by a trusted
person) its public key gets copied over to the central keyserver. If
a single machine gets it, its corresponding key gets nuked.
But if you don't care about unauthorized access to your update server,
no big deal, rsync over ssh still secures the transport stream.
...straight rsync isn't adequate for anything other than file copies
though. What happens if you need to, say, "run this script on all
systems" instead? That raises a whole new layer of angst.
- Pizza
--
Solomon Peachy ICQ: 1318344
Melbourne, FL JID: pitha at myjabber.net
Quidquid latine dictum sit, altum viditur
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
More information about the Ale
mailing list