how do you distribute secrets ?
Holger Levsen
hl at hbt.de
Thu Apr 22 10:50:47 CEST 2004
Hi,
in FAI's simple examples the root password is distributed to the install
clients as a md5sum which is world-readable through the nfs-exported
FAI_CONFIGDIR.
It's a good solution as a starting point but not really sufficient for
installations where you need real security.
How do you distribute passwords, private ssh-host-keys and/or private
ssl-certificates ?
I can easily imagine solutions involving bootdiscs or usb-sticks which
contain those keys - but this would not be very flexible nor is this a
solution for many systems.
thank you for any hints,
regards,
Holger
--
Hamburger Berater Team GmbH Telefon: 040/369779-0
Stadthausbrücke 3 (Fleethof) Telefax: 040/369779-99
20355 Hamburg eMail : hl at hbt.de
Web : http://www.hbt.de
More information about the linux-fai
mailing list