Re: [ovirt-users] [Fwd: options for root and password]

From: "Alon Bar-Lev" <alonbl(a)redhat.com&gt; To: "Sven Kieske" <s.kieske(a)mittwald.de&gt; Cc: users(a)ovirt.org Sent: Tuesday, October 21, 2014 10:49:02 AM Subject: Re: [ovirt-users] [Fwd: options for root and password] ----- Original Message ----- > From: "Sven Kieske" <s.kieske(a)mittwald.de&gt; > To: users(a)ovirt.org > Sent: Tuesday, October 21, 2014 10:40:39 AM > Subject: Re: [ovirt-users] [Fwd: options for root and password] > > > On 21/10/14 09:21, Sven Kieske wrote: > > I don't know if this is still valid, I don't find any > > options regarding public/private keys in ovirt 3.3. but > > I would be very interested in this topic to tighten security. > > It just turns out this already works in ovirt 3.3.2 > maybe even earlier, but I would like to know > if the point about host key validation on the mentioned wiki > page is still true, as I think this would be cve-worthy. When host is added its ssh fingerprint is recorded in database, and is enforced from this point on. Only at Edit Host dialog it can be modified. You can also pre-fetch the fingerprint before adding the host at Add Host dialog in order to confirm that it is the correct host, it will add this fingerprint to database and enforce it when adding the host too.

_______________________________________________ Users mailing list Users(a)ovirt.org http://lists.ovirt.org/mailman/listinfo/users