You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@vcl.apache.org by "Aaron Peeler (JIRA)" <ji...@apache.org> on 2012/11/06 15:26:12 UTC

[jira] [Created] (VCL-645) store/update ssh fingerprint for unix machines for end-user reservations

Aaron Peeler created VCL-645:
--------------------------------

             Summary: store/update ssh fingerprint for unix machines for end-user reservations
                 Key: VCL-645
                 URL: https://issues.apache.org/jira/browse/VCL-645
             Project: VCL
          Issue Type: Improvement
          Components: database, vcld (backend), web gui (frontend)
            Reporter: Aaron Peeler
            Priority: Minor
             Fix For: 2.4


after a load, fetch and store ssh fingerprint for end-users. 
User requested at NCSU to be able to double check ssh keys fingerprint to elevate concerns about man-in middle attack.

database - extend database to store keys for rsa/dsa public keys
web -  within current reservations for linux OS/ssh connections provide a button for the user to see the fingerprint and also possible download to update their local known_hosts file?

backend - A couple of options:

1) Allow host keys to be re-generated on each load, then fetch and store keys and allow users to see or download new fingerprint.  

2) for every node store the original host keys, during post-load update the keys on the host. This will make it easier on the end-user to not have to update their known_hosts file or key stores




--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira