Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3485

'cf-remote install --bootstrap' should support '--trust-keys=/some/path1,/some/path2,...'

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Done
    • Priority: Higher
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.18.0
    • Component/s: contrib: cf-remote
    • Labels:
      None

      Description

      For secure CFEngine deployments the key of the hub needs to be put to the hosts bootstrapping to it so that they only bootstrap to the desired hub and not some random machine that receives the connection on the given IP-port combination. To do this with cf-remote, it needs to allow specifying the hub key when doing cf-remote install --bootstrap... on the clients. Multiple keys may need to be specified in other cases (failover hub,...)

        Attachments

          Activity

            People

            • Assignee:
              vpodzime Vratislav Podzimek
              Reporter:
              vpodzime Vratislav Podzimek
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Summary Panel