Thanks for your reply.
I thought of a way of securing my certificate and I think I can work around it without a password (although it would be nice to have), but I would like to understand more in details what happens when invoking func, i.e. how does the overlord start communication and how does it secure it? How does the minion validate the request etc, what private/public keys/certs are used when etc
I think this is a bit of information missing on the wiki (or at least I can't find it :) ) that a lot of people could find useful.
Thanks
Simone
On Thu, Jan 28, 2010 at 10:52 AM, makkalot <makkalot@xxxxxxxxx> wrote:
Thursday 28 January 2010 12:31:46 Simone Sciarrati tarihinde şunları yazmıştı:
> Hi guys,
Hi
>I'm not sure about that opiton .
> I have been using cobbler/func for a while now and I am finding it a great
> tool. Unfortunately I have to manage my servers in an insecure environment
> so I am trying to understand better how the communication between the
> overlord and the minions works and how secure it is. Ideally I would like
> to have a password protected private certificate on the overlord but it
> doesn't seem to work (tried creating the certificate manually and then
> manually signnig the minion certificate requests, it all works but func
> commands fail).
> https://fedorahosted.org/func/wiki/FuncSslDetailsbut this does not
>
> I have read and understood
> explain how the communication works when I invoke func,As far as i know, on every request from overlord to minion there is a cert
> anyone willing to spare some details on this?
>
checking process. Minion checks if the overlord has signed its certificate,and
all that happens over ssl.Therefore it should be safe as far as you keep your
certs safe :) Am i right ?
> Thanks
>
> Simone
_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
_______________________________________________ Func-list mailing list Func-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/func-list
