On Fri, 2013-02-08 at 00:26 +0100, Alexander Wirt wrote:
> In fact nothing is new here and security wouldn't change much with different
> keys. The implementation ist just broken. But if you have an idea to improve
> it, feel free to send a patch. (as long as it doesn't make nrpe incompatible
> to
Just my 2 cents (without any hat on):
TLS integration in NRPE was broken from the beginning and more or less
by design.
The "real" and only security feature is to configure a appropriate
allowed_hosts list, which might be enough security for internal
networks in respect of TCP sessions.
Question
On Thu, 07 Feb 2013, Matt Taggart wrote:
> As pointed out in a previous message to the bug, #547092
> "nagios-nrpe-server: Insecure 'SSL' option, key identical for all
> debian systems" is severity grave due to the security problem it
> introduces in the service (but not critical since the problem
3 matches
Mail list logo