Displaying 2 results from an estimated 2 matches for "trivini".
Did you mean:
trivial
2007 Dec 19
7
Kerberos for authentication?
Greetings!
Are there any plans of using Kerberos for authentication in addition to (or
in place of) SSL certificates in Puppet?
Kerberos provides mutual, cryptographically strong authentication. A number
of different services are Kerberos-enabled (SSH, NFSv4 and HTTP are common
examples), and thus use the same authentication mechanism system-wide. At our
site, almost all services and users are
2007 Dec 08
6
Creating certificates with puppetca with puppet.example.com as CommonName
Greetings!
As you undoubtedly know, the fixes for CVE 2007-5162 in ruby break
installations where puppetca has created certificates with a CommonName
different from the server's real hostname. The Puppet clients quite correctly
complains about hostname mismatch.
A number of better and worse solutions have been suggested for this problem,
especially in ticket #896. IMHO, there are two good