Sorry for the delay, we will move it up the priority list.

Thanks to the original issue author and Jarrod for the assistance.

________________________________
From: Jarrod Johnson <jjohns...@lenovo.com>
Sent: Tuesday, November 1, 2022 2:30 PM
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
Subject: [EXTERNAL] [xcat-user] SSH Zone security issue

Was noticing that not much was happening with https: //github. 
com/xcat2/xcat-core/issues/7246 Unsufficient check in credentials. pm · Issue 
#7246 · xcat2/xcat-core Hi, I recognize that one can request the 
ssh_root_key&#39;s of every zone
ZjQcmQRYFpfptBannerStart
This Message Is From an External Sender
This message came from outside your organization.

ZjQcmQRYFpfptBannerEnd
Was noticing that not much was happening with 
https://github.com/xcat2/xcat-core/issues/7246<https://github.com/xcat2/xcat-core/issues/7246>
[https://opengraph.githubassets.com/04aa8dfcf26704c37d9fd11140249003ac8322df3872134b416d5c9df4fa2fef/xcat2/xcat-core/issues/7246]<https://github.com/xcat2/xcat-core/issues/7246>
Unsufficient check in credentials.pm · Issue #7246 · 
xcat2/xcat-core<https://github.com/xcat2/xcat-core/issues/7246>
Hi, I recognize that one can request the ssh_root_key&#39;s of every zone from 
every client independently of its zone affiliation by a simple script using 
getcredentials.awk and allowcred.awk. This...
github.com


It's a pretty significant break, effectively ssh zones don't actually enforce 
security as is.
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Reply via email to