[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: distributing SSH keys in a cluster environment

Based on a cursory look at how FAI works, if you're worried about
a 'laptop attack' -- i.e, an untrusted person with access to your network
media -- I think there are more problems than just SSH keys.

None of the tftp/dhcp/pxe stuff is really designed with security
in mind.  It seems to me that anyone could compromise an initial install
by messing with the boot process.  Noisy, but do-able.

[Unless I've misunderstood the threat model you're positing here]

From this point of view, I can see no reason not to just jigger a fixed
host key for the initial install, followed by a keychange over SSH.  Mark's
suggestion also seemed good.



Reply to: