On Thu, 2006-08-31 at 07:54 +0100, Mark McLoughlin wrote: > > > e.g. in your scheme, the puppet CA cert would be on the OS image and > the client uses that to authenticate the server. This is actually the key to dealing with the MITM attacks as it prevents the MITM from impersonating as the server to the client and the client to the server (and inserting bogus config bits such as SSH keys in the process). By distributing the puppet CA cert in the OS image we get the end-to-end secured channel. MITM can no longer impersonate as the server to the client (unless MITM compromised the server private keys). The weak link at this point becomes dhcp/tftp. Mr. bad guy would need to attack that point so that he could serve a different OS image with a different CA cert. If successful mr. bad guy could then run a successful MITM and give the client/victim bogus ssh keys. I'm not immediately aware of anyone that's looked at hardening dhcp/tftp. Jeff