Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3485

'cf-remote install --bootstrap' should support '--trust-keys=/some/path1,/some/path2,...'

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Done
    • Priority: Higher
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.18.0
    • Component/s: cf-remote
    • Labels:
      None

      Description

      For secure CFEngine deployments the key of the hub needs to be put to the hosts bootstrapping to it so that they only bootstrap to the desired hub and not some random machine that receives the connection on the given IP-port combination. To do this with cf-remote, it needs to allow specifying the hub key when doing cf-remote install --bootstrap... on the clients. Multiple keys may need to be specified in other cases (failover hub,...)

        Attachments

          Activity

            People

            Assignee:
            vpodzime Vratislav Podzimek
            Reporter:
            vpodzime Vratislav Podzimek
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: