[Gluster-devel] Better-SSL thought

James purpleidea at gmail.com
Tue Jun 17 14:06:36 UTC 2014


On Tue, 2014-06-17 at 09:07 -0400, Jeff Darcy wrote:
> 
> ----- Original Message -----
> > On Tue, Jun 17, 2014 at 12:39 AM, Jeff Darcy <jdarcy at redhat.com> wrote:
> > > Unfortunately, *distributing* those keys and
> > > certificates securely is always going to be a bit of a problem.
> > 
> > 
> > Well, as we had discussed, puppet-gluster could be an easy way to
> > solve this... 
> 
> How does puppet-gluster distribute those keys etc. *securely*?  Are
> there techniques we could borrow for those who run GlusterFS without
> puppet?

Good question. There are different options, depending on how much the
puppet module author cares about security, or his/her module... There
are a few possibilities:

* Use a similar technique as discussed here:
https://ttboj.wordpress.com/2014/06/06/securely-managing-secrets-for-freeipa-with-puppet/

Basically this amounts to local key generation on a server.

* Generate the private key yourself and store it in puppet. I think this
is sort of a bad practice, but it's extremely common. Since puppet has
root on your boxes anyways, you're already sort of p0wned, but I don't
like to make the situation worse.

* Combination of distributed local key generation, plus secure partner
exchange. Depending on your API, I'd probably go this route if it's
possible. Basically each member would generate locally a key pair and
exchange the public parts. Then they would use this cryptography to
exchange individual private chunks to make up the key. Alternatively you
could elect one master to generate the key instead of generating it in a
distributed way.

Which reminds me, what about your interface/API?

Cheers,
James
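The third option in the mail above (each member generates a key pair locally, members exchange the public parts, then use those keys to exchange private chunks that are combined into the final key) as an added, runnable illustration. This is example code written for this page, not puppet-gluster or GlusterFS code. It assumes finite-field Diffie-Hellman over the RFC 3526 2048-bit MODP group with generator 2, HKDF-SHA256 for key derivation, and a direction-bound one-time XOR plus HMAC-SHA256 as the chunk transport (chosen so the example runs on the Python standard library alone; a real deployment would use X25519 and an AEAD). The member names and the `gluster-ssl-example` salt are made up. The exchange of public parts is unauthenticated here, which is the caveat the thread is circling: without pinning or signing those public values out of band, an active attacker on the wire can substitute their own key pairs.

```python
"""Added example: distributed generation of a shared key among N members.
No member ever learns another member's chunk, and no single member
(or passive eavesdropper on the public-part exchange) knows the key alone."""
import hashlib
import hmac
import secrets

# RFC 3526 group 14 (2048-bit MODP), generator 2.  Assumed as the DH group
# for this example; the Fermat check below is a sanity check, not a proof.
P_HEX = """
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
"""
P = int("".join(P_HEX.split()), 16)
G = 2
KEY_LEN = 32
assert pow(G, P - 1, P) == 1, "DH group constant is corrupt"


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF with SHA-256 (extract, then expand)."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Member:
    """One cluster member: a local key pair and one private chunk of the key."""

    def __init__(self, name: str):
        self.name = name
        self.priv = secrets.randbelow(P - 3) + 2       # private exponent in 2..P-2
        self.pub = pow(G, self.priv, P)                # the only thing sent in round 1
        self.chunk = secrets.token_bytes(KEY_LEN)      # this member's private contribution
        self.shared = {}                               # peer -> raw DH shared secret
        self.received = {}                             # peer -> peer's chunk, once verified

    def learn_peer(self, peer: str, peer_pub: int) -> None:
        # 0, 1 and P-1 force the shared secret into a trivial subgroup: reject them.
        if not 1 < peer_pub < P - 1:
            raise ValueError(f"invalid public value from {peer}")
        s = pow(peer_pub, self.priv, P)
        self.shared[peer] = s.to_bytes((P.bit_length() + 7) // 8, "big")

    @staticmethod
    def _keys(sender: str, receiver: str, shared: bytes):
        # Direction-bound derivation: A->B and B->A get different keystreams, so
        # the one-time XOR below is never reused across the two directions.
        info = b"dkg-chunk|" + sender.encode() + b"->" + receiver.encode()
        okm = hkdf_sha256(shared, b"gluster-ssl-example", info, 2 * KEY_LEN)
        return okm[:KEY_LEN], okm[KEY_LEN:]            # (encryption key, MAC key)

    def seal_chunk_for(self, peer: str) -> bytes:
        enc_key, mac_key = self._keys(self.name, peer, self.shared[peer])
        ct = xor_bytes(self.chunk, enc_key)            # exactly one message per direction
        return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

    def open_chunk_from(self, peer: str, msg: bytes) -> None:
        enc_key, mac_key = self._keys(peer, self.name, self.shared[peer])
        ct, tag = msg[:KEY_LEN], msg[KEY_LEN:]
        if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
            raise ValueError(f"chunk from {peer} failed authentication")
        self.received[peer] = xor_bytes(ct, enc_key)

    def assemble_key(self, expected_peers) -> bytes:
        """XOR of every member's chunk; refuses to proceed if any peer is missing."""
        missing = set(expected_peers) - set(self.received)
        if missing:
            raise RuntimeError(f"{self.name} is missing chunks from {sorted(missing)}")
        key = self.chunk
        for peer in expected_peers:
            key = xor_bytes(key, self.received[peer])
        return key


def run_protocol(names):
    """Simulate both rounds in-process; returns {member name: assembled key}."""
    members = {n: Member(n) for n in names}
    for a in members.values():                         # round 1: public parts to every peer
        for b in members.values():
            if a is not b:
                a.learn_peer(b.name, b.pub)
    for a in members.values():                         # round 2: sealed chunk to every peer
        for b in members.values():
            if a is not b:
                b.open_chunk_from(a.name, a.seal_chunk_for(b.name))
    return {n: m.assemble_key([p for p in names if p != n]) for n, m in members.items()}


if __name__ == "__main__":
    keys = run_protocol(["gluster1", "gluster2", "gluster3"])
    assert len(set(keys.values())) == 1
    print("all members derived the same %d-byte key" % KEY_LEN)
```

The "elect one master" variant mentioned in the mail needs only round 2 changed: the elected member seals a single randomly generated key to each peer with the same pairwise machinery, at the cost that one host now knows the key before anyone else and becomes the obvious target. In either variant the piece this example deliberately leaves out, authenticating the public values in round 1, is what actually decides whether the distribution is secure.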