With TLS and a restrictive firewall, safe enough for most environments I'd say. But, as always, it depends on your threat model and setup. Apologies for not bringing up the Stork agent, I had forgotten that was necessary when I wrote my email. Glad you caught it.
Eric Graham DevOps Specialist Main: 605.995.1777 [email protected]<mailto:[email protected]> [cid:2278fb69-68dc-4580-8881-424cc400dc1e] Mitchell | Portland | Colorado Springs | San Antonio | Sioux Falls | Springfield | Charlotte ________________________________ From: Kea-users <[email protected]> on behalf of Stefan G. Weichinger <[email protected]> Sent: Friday, December 16, 2022 7:36 AM To: [email protected] <[email protected]> Subject: Re: [Kea-users] Stork API Key CAUTION: This email originated outside the organization. Do not click any links or attachments unless you have verified the sender. Am 15.12.22 um 17:10 schrieb Stefan G. Weichinger: > while the example (home user .. so maybe not that safe) at > > https://kea.readthedocs.io/en/kea-2.2.0/arm/config-templates.html > > does not contain that "authentication" block (and that's where I copied > from). Successfully added basic authentication to my 2-node-cluster: * added authentication to the control-agents * added that info to the peers in the kea-config * added the creds to the stork agents Looks good now. Yes, basic auth is not super safe, but AFAIK safe enough in this environment. -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
