[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: distributing SSH keys in a cluster environment



also sprach Blair Strang <bls@nanocorp.net.nz> [2004.10.30.0237 +0200]:
> Based on a cursory look at how FAI works, if you're worried about
> a 'laptop attack' -- i.e, an untrusted person with access to your
> network media -- I think there are more problems than just SSH
> keys.

Well, you are too right, unfortunately. I am beginning to believe
FAI really needs to be extended to allow for the use of security
tokens on the clients (whatever that may be), and switch to getting
the configuration space via WebDAV or the like. CVS is already
supported, but CVS also adds an extra level of indirection, which
may cause problems.

The way to do it would be to use a token, such as a USB stick, or
a manually keyed passphrase, which then allows (encrypted) access to
the master server, from which the configuration space is obtained.

After all, at the moment, /etc/fai is exported via NFS, and
/etc/fai/class/DEFAULT.var contains the root password to be used on
all the nodes. Uh oh.

> [Unless I've misunderstood the threat model you're positing here]

No, you have not. I was about to invest too much time into this key
business though, when in fact, I was forcefully ignoring the fact
that the whole thing is as insecure as <you name it>.

I wonder if it's possible to make a secure cluster environment with
automatic installations. I guess I will have to go for the /scratch
idea...

-- 
Please do not send copies of list mail to me; I read the list!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, user, and author
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature


Reply to: