Re: Puppet Bootstrapping

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2006-08-31 at 07:54 +0100, Mark McLoughlin wrote:

> 	
> 
> 	e.g. in your scheme, the puppet CA cert would be on the OS image and
> the client uses that to authenticate the server.
This is actually the key to dealing with the MITM attacks as it
prevents the MITM from impersonating as the server to the client
and the client to the server (and inserting bogus config bits
such as SSH keys in the process).

By distributing the puppet CA cert in the OS image we get the
end-to-end secured channel.  MITM can no longer impersonate
as the server to the client (unless MITM compromised the server
private keys).


The weak link at this point becomes dhcp/tftp.  Mr. bad guy
would need to attack that point so that he could serve a
different OS image with a different CA cert.  If successful
mr. bad guy could then run a successful MITM and give the
client/victim bogus ssh keys.  I'm not immediately aware of
anyone that's looked at hardening dhcp/tftp.

Jeff


[Index of Archives]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Linux Media]     [Device Mapper]

  Powered by Linux