Dear Puppet Users, until now, I have been using Puppet in firewalled environments only, where agents were on the same trusted network as the server or connected through VPN tunnels.
Now there seem to be some good reaons for switching to a "perimeterless security" approach, which would mean to drop the VPN and put the Puppet Server on the public internet. In my special case, I could not even do any IP-based filtering. I could not really find any good material or recommendations on this. Is this a discouraged/dangerous practice, or is it more common than I was assuming? The basic approach of mutual, certificate-based authentication in Puppet seems to perfectly support this scenario, and comes with encryption built in. And yes, of course I would _not_ enable certificate autosigning. Are there other risks to be aware of? Any recommendations on hardening the setup? Maybe I am a bit sceptical because a component like Puppet Server has not received the scrutinity as e. g. an Apache or Ngnix webserver regarding potential attack surfaces and security issues. The sensitive information a compromised Puppet Server might leak cannot be ignored. Would it make sense to place the Puppet Server behind a major webserver/proxy (Apache, Varnish etc.)? Would it be possible to reject all connections that do not provide client certificates and use some out-of-band process for signing new client certs? Thank you for all suggestions! -mp. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/5b48116f-4831-4244-a90b-c7dc89a5f3a3n%40googlegroups.com.
