On Tue, Jul 02, 2013 at 10:54:14AM -0400, Joe Landman wrote: > One argument which is easy to make for salt, which I didn't see anyone > make is, it lets you lower your risk by removing the ssh daemon.
You mean raise your risk, because the ssh equivalent in the pub-sub world is going to be less audited and more risky. To quote the article: | 0mq does not natively support encryption, so Salt includes its own AES | implementation that it uses to protect its payloads. Recently, a flaw | was discovered in this code along with several other remote | vulnerabilities. Ansible is largely immune to such issues because its | default configuration uses standard SSH -- greg _______________________________________________ Beowulf mailing list, [email protected] sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
