Re: Func and kerberos

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2007-10-15 at 16:01 -0400, Karl MacMillan wrote:
> If you plan to use this cert infrastructure more broadly then my
> concerns about the weaknesses grow quite a bit.

We can use the cert signing portion of the infrastructure for whatever
needs help communicating with certificates as auth.

examples:
- yum can use the certs to talk to mod_auth_cert on apache to have
authenticated access to repositories

- nagios can use it as a transport mechanism to do system checks and to
send alerts

- cacti can use it as a better-authenticated way to gather system stats

- puppet can use the certs as it does currently.

> But ssh would just be the transport / authentication mechanism that
> could be hidden. It could immediately exec a bit of python code that has
> the good parts of your current system.

and then we don't get the benefit of the above, and we get to wrestle
with various layers in between.

-sv



[Index of Archives]     [Fedora Users]     [Linux Networking]     [Fedora Legacy List]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux