Sorry for the delay, we will move it up the priority list. Thanks to the original issue author and Jarrod for the assistance.
________________________________ From: Jarrod Johnson <jjohns...@lenovo.com> Sent: Tuesday, November 1, 2022 2:30 PM To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net> Subject: [EXTERNAL] [xcat-user] SSH Zone security issue Was noticing that not much was happening with https: //github. com/xcat2/xcat-core/issues/7246 Unsufficient check in credentials. pm · Issue #7246 · xcat2/xcat-core Hi, I recognize that one can request the ssh_root_key's of every zone ZjQcmQRYFpfptBannerStart This Message Is From an External Sender This message came from outside your organization. ZjQcmQRYFpfptBannerEnd Was noticing that not much was happening with https://github.com/xcat2/xcat-core/issues/7246<https://github.com/xcat2/xcat-core/issues/7246> [https://opengraph.githubassets.com/04aa8dfcf26704c37d9fd11140249003ac8322df3872134b416d5c9df4fa2fef/xcat2/xcat-core/issues/7246]<https://github.com/xcat2/xcat-core/issues/7246> Unsufficient check in credentials.pm · Issue #7246 · xcat2/xcat-core<https://github.com/xcat2/xcat-core/issues/7246> Hi, I recognize that one can request the ssh_root_key's of every zone from every client independently of its zone affiliation by a simple script using getcredentials.awk and allowcred.awk. This... github.com It's a pretty significant break, effectively ssh zones don't actually enforce security as is.
_______________________________________________ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user