You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@vcl.apache.org by "Aaron Peeler (JIRA)" <ji...@apache.org> on 2013/11/05 14:57:18 UTC
[jira] [Updated] (VCL-645) store/update fingerprint info for
machines for end-user reservations
[ https://issues.apache.org/jira/browse/VCL-645?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Aaron Peeler updated VCL-645:
-----------------------------
Description:
after a load, fetch and store ssh fingerprint for end-users.
User requested at NCSU to be able to double check ssh keys fingerprint to elevate concerns about man-in middle attack.
database - extend database to store keys for rsa/dsa public keys
web - within current reservations for linux OS/ssh connections provide a button for the user to see the fingerprint and also possible download to update their local known_hosts file?
backend - A couple of options:
1) Allow host keys to be re-generated on each load, then fetch and store keys and allow users to see or download new fingerprint.
2) for every node store the original host keys, during post-load update the keys on the host. This will make it easier on the end-user to not have to update their known_hosts file or key stores
Also would apply to windows related keys
was:
after a load, fetch and store ssh fingerprint for end-users.
User requested at NCSU to be able to double check ssh keys fingerprint to elevate concerns about man-in middle attack.
database - extend database to store keys for rsa/dsa public keys
web - within current reservations for linux OS/ssh connections provide a button for the user to see the fingerprint and also possible download to update their local known_hosts file?
backend - A couple of options:
1) Allow host keys to be re-generated on each load, then fetch and store keys and allow users to see or download new fingerprint.
2) for every node store the original host keys, during post-load update the keys on the host. This will make it easier on the end-user to not have to update their known_hosts file or key stores
Summary: store/update fingerprint info for machines for end-user reservations (was: store/update ssh fingerprint for unix machines for end-user reservations)
> store/update fingerprint info for machines for end-user reservations
> --------------------------------------------------------------------
>
> Key: VCL-645
> URL: https://issues.apache.org/jira/browse/VCL-645
> Project: VCL
> Issue Type: Improvement
> Components: database, vcld (backend), web gui (frontend)
> Reporter: Aaron Peeler
> Priority: Minor
> Fix For: 2.4
>
>
> after a load, fetch and store ssh fingerprint for end-users.
> User requested at NCSU to be able to double check ssh keys fingerprint to elevate concerns about man-in middle attack.
> database - extend database to store keys for rsa/dsa public keys
> web - within current reservations for linux OS/ssh connections provide a button for the user to see the fingerprint and also possible download to update their local known_hosts file?
> backend - A couple of options:
> 1) Allow host keys to be re-generated on each load, then fetch and store keys and allow users to see or download new fingerprint.
> 2) for every node store the original host keys, during post-load update the keys on the host. This will make it easier on the end-user to not have to update their known_hosts file or key stores
> Also would apply to windows related keys
--
This message was sent by Atlassian JIRA
(v6.1#6144)