Re: Cryptographic signature of configuration files

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cryptographic signature of configuration files

From:	Mark . Burgess
Subject:	Re: Cryptographic signature of configuration files
Date:	Sun, 12 Nov 2000 09:25:40 +0100 (MET)

On 11 Nov, Mark R. Lindsey wrote:
> Has anyone seen a study or a project using cryptographically-signed
> centrally-managed configuration files?
> 
> I'm working on a system wherein configuration files will be distributed
> from a central server to several secondary servers and finally to the
> configured hosts (the `clients' in the whole system). I want the clients
> to authenticate the new configuration files that are received. I'm hoping
> that someone has already explored potential nonobvious complexities,
> if there are any.
> 
> ---
> Mark R. Lindsey, mark@commerceEngine.com, +1-229-241-7378x200
> 

I like this idea a lot. One simple thing you could do would be to
use PGP to sign files, and then cf.preconf to verify them
before use.

Mark

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272            Email:  Mark.Burgess@iu.hio.no
Fax : +47 22453205            WWW  :  http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Prev in Thread]

Current Thread

[Next in Thread]

Cryptographic signature of configuration files, Mark R. Lindsey, 2000/11/11
- Re: Cryptographic signature of configuration files, Mark . Burgess <=

Prev by Date: Cryptographic signature of configuration files
Next by Date: Negating classes -- patch solution
Previous by thread: Cryptographic signature of configuration files
Next by thread: Negating classes -- patch solution
Index(es):
- Date
- Thread