[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Turn Off Use of Keys and Encryption

From: Brendan Strejcek
Subject: Re: Turn Off Use of Keys and Encryption
Date: Wed, 4 Jan 2006 13:11:52 -0600
User-agent: Mutt/1.5.6+20040818i

Pletan, Ray wrote:

> We are implementing cfengine for post server build configuration. I
> would like to turn OFF the use of keys and encryption to do this.

Why would you want to do that? Are you trying to avoid the key
distribution problem? If so, and you don't care about authenticating
your clients, you can use a combination of the TrustKey, TrustKeysFrom,
and DynamicAddresses control variables to almost get around having to
use keys.

As far as I know, there is no way to disable the need for client keys.
Even if you run cfagent unpriviliged and with no network copies, it
will still complain and exit if you do not first generate keys with
cfkey. I would recommend just building that step into your bootstrap
procedure and using whatever level of key trust is appropriate to your


Senior System Administrator
The University of Chicago
Department of Computer Science

reply via email to

[Prev in Thread] Current Thread [Next in Thread]