You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@vcl.apache.org by "Aaron Peeler (JIRA)" <ji...@apache.org> on 2013/11/05 14:57:18 UTC

[jira] [Updated] (VCL-645) store/update fingerprint info for machines for end-user reservations

     [ https://issues.apache.org/jira/browse/VCL-645?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Aaron Peeler updated VCL-645:
-----------------------------

    Description: 
after a load, fetch and store ssh fingerprint for end-users. 
User requested at NCSU to be able to double check ssh keys fingerprint to elevate concerns about man-in middle attack.

database - extend database to store keys for rsa/dsa public keys
web -  within current reservations for linux OS/ssh connections provide a button for the user to see the fingerprint and also possible download to update their local known_hosts file?

backend - A couple of options:

1) Allow host keys to be re-generated on each load, then fetch and store keys and allow users to see or download new fingerprint.  

2) for every node store the original host keys, during post-load update the keys on the host. This will make it easier on the end-user to not have to update their known_hosts file or key stores

Also would apply to windows related keys 


  was:
after a load, fetch and store ssh fingerprint for end-users. 
User requested at NCSU to be able to double check ssh keys fingerprint to elevate concerns about man-in middle attack.

database - extend database to store keys for rsa/dsa public keys
web -  within current reservations for linux OS/ssh connections provide a button for the user to see the fingerprint and also possible download to update their local known_hosts file?

backend - A couple of options:

1) Allow host keys to be re-generated on each load, then fetch and store keys and allow users to see or download new fingerprint.  

2) for every node store the original host keys, during post-load update the keys on the host. This will make it easier on the end-user to not have to update their known_hosts file or key stores




        Summary: store/update fingerprint info for machines for end-user reservations  (was: store/update ssh fingerprint for unix machines for end-user reservations)

> store/update fingerprint info for machines for end-user reservations
> --------------------------------------------------------------------
>
>                 Key: VCL-645
>                 URL: https://issues.apache.org/jira/browse/VCL-645
>             Project: VCL
>          Issue Type: Improvement
>          Components: database, vcld (backend), web gui (frontend)
>            Reporter: Aaron Peeler
>            Priority: Minor
>             Fix For: 2.4
>
>
> after a load, fetch and store ssh fingerprint for end-users. 
> User requested at NCSU to be able to double check ssh keys fingerprint to elevate concerns about man-in middle attack.
> database - extend database to store keys for rsa/dsa public keys
> web -  within current reservations for linux OS/ssh connections provide a button for the user to see the fingerprint and also possible download to update their local known_hosts file?
> backend - A couple of options:
> 1) Allow host keys to be re-generated on each load, then fetch and store keys and allow users to see or download new fingerprint.  
> 2) for every node store the original host keys, during post-load update the keys on the host. This will make it easier on the end-user to not have to update their known_hosts file or key stores
> Also would apply to windows related keys 



--
This message was sent by Atlassian JIRA
(v6.1#6144)