how do you distribute secrets ?

Mon Apr 26 11:38:37 CEST 2004

Hi,

after reading your answers we discussed the issue and came to the
following conclusions:

- no local passwords (no root login or su, only sudo; users get
authorized against LDAP/Kerberos or ssh public keys)
- ssh and ssl host keys are generated during first installation on the
clients; then these keys are stored on a /backup-Partition (with
lazyformat) in a root-readonly directory; all following installations
use these keys unless the hard disc gets broken & replaced or the system
is re-installed from the ground or the like.

- no sshd on the install clients (security measure)
- since FAI is only used in our interior network we life with the
threats of NFS and MAC-spoofing. If we need more securiy we'll rely on 
hardcoded mac-adresses within the switches and on special bootdiscs
(also with hardcoded mac adresses) for each and every system.


thanks for your inspiration,
	Holger


On Thu, 2004-04-22 at 10:50, Holger Levsen wrote:
> Hi,
> 
> in FAI's simple examples the root password is distributed to the install
> clients as a md5sum which is world-readable through the nfs-exported
> FAI_CONFIGDIR.
> 
> It's a good solution as a starting point but not really sufficient for
> installations where you need real security.
> 
> How do you distribute passwords, private ssh-host-keys and/or private
> ssl-certificates ?
> 
> I can easily imagine solutions involving bootdiscs or usb-sticks which
> contain those keys - but this would not be very flexible nor is this a
> solution for many systems.
> 
> 
> thank you for any hints,
> regards,
> 	Holger
-- 
  
Hamburger Berater Team GmbH     Telefon: 040/369779-0
Stadthausbrücke 3 (Fleethof)    Telefax: 040/369779-99
20355 Hamburg                   eMail  : hl at hbt.de
				Web    : http://www.hbt.de