Hi, Thanks for your reply.
I thought of a way of securing my certificate and I think I can work around it without a password (although it would be nice to have), but I would like to understand more in details what happens when invoking func, i.e. how does the overlord start communication and how does it secure it? How does the minion validate the request etc, what private/public keys/certs are used when etc I think this is a bit of information missing on the wiki (or at least I can't find it :) ) that a lot of people could find useful. Thanks Simone On Thu, Jan 28, 2010 at 10:52 AM, makkalot <[email protected]> wrote: > Thursday 28 January 2010 12:31:46 Simone Sciarrati tarihinde şunları > yazmıştı: > > Hi guys, > Hi > > > > I have been using cobbler/func for a while now and I am finding it a > great > > tool. Unfortunately I have to manage my servers in an insecure > environment > > so I am trying to understand better how the communication between the > > overlord and the minions works and how secure it is. Ideally I would like > > to have a password protected private certificate on the overlord but it > > doesn't seem to work (tried creating the certificate manually and then > > manually signnig the minion certificate requests, it all works but func > > commands fail). > > I'm not sure about that opiton . > > > > > I have read and understood > > https://fedorahosted.org/func/wiki/FuncSslDetailsbut this does not > > explain how the communication works when I invoke func, > > anyone willing to spare some details on this? > > > > As far as i know, on every request from overlord to minion there is a cert > checking process. Minion checks if the overlord has signed its > certificate,and > all that happens over ssl.Therefore it should be safe as far as you keep > your > certs safe :) Am i right ? > > > Thanks > > > > Simone > > > _______________________________________________ > Func-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/func-list
_______________________________________________ Func-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/func-list
