[ovirt-users] [Fwd: options for root and password]
Alon Bar-Lev
alonbl at redhat.com
Tue Oct 21 07:49:02 UTC 2014
----- Original Message -----
> From: "Sven Kieske" <s.kieske at mittwald.de>
> To: users at ovirt.org
> Sent: Tuesday, October 21, 2014 10:40:39 AM
> Subject: Re: [ovirt-users] [Fwd: options for root and password]
>
>
> On 21/10/14 09:21, Sven Kieske wrote:
> > I don't know if this is still valid, I don't find any
> > options regarding public/private keys in ovirt 3.3. but
> > I would be very interested in this topic to tighten security.
>
> It just turns out this already works in ovirt 3.3.2
> maybe even earlier, but I would like to know
> if the point about host key validation on the mentioned wiki
> page is still true, as I think this would be cve-worthy.
When host is added its ssh fingerprint is recorded in database, and is enforced from this point on.
Only at Edit Host dialog it can be modified.
You can also pre-fetch the fingerprint before adding the host at Add Host dialog in order to confirm that it is the correct host, it will add this fingerprint to database and enforce it when adding the host too.
More information about the Users
mailing list