Question: Communication security #134
Comments
Hi again,
How is the communication between slaves and masters secured? Is it possible for a slave to be contacted by any "master" (or somebody posing as one) and be issued commands?
Other projects for orchestration, like Salt, use private/public key cryptography to identify both ends of the communication (master refuses slaves it doesn't know, and slaves refuse masters they don't recognize).
Hello there! A very valid question. I should have called more attention to this in the documentation, but Cronicle does secure all of its API calls. User requests are obviously authenticated by username/password and then a session cookie, but internal server-to-server communications are also secured. They use a secret key system: https://github.com/jhuckaby/Cronicle#secret_key Basically, all the servers in a Cronicle cluster need to have the exact same
Essentially a shared secret. Is communication secured using TLS?
Shared secret, correct. Nope, Cronicle doesn't really support HTTPS at this time. That is in the works: #27
Ideally, one would use HTTPS with client/server authentication. You could replace the shared secret with that (as it's far better). The process would roughly be:
Yup, that would be more secure. I'm worried about ease of setup and the complexity of managing these certs, however. Perhaps it could be implemented as an option.
If it's entirely enclosed in the Cronicle ecosystem, it should be the same as the current secrets, just longer. You can base-64 encode the needed structures in place of the secret.