Commit b123fb31 authored by Helga Velroyen's avatar Helga Velroyen

Detailing SSH part of 'desing-node-security'

This patch elaborates the node security design wrt to SSH
key handling to make sure it is feasible before starting
the implementation.
In this updated design the first and more simple proposal
of simply removing the private root key from normal nodes
was abandoned, because the implementation of various
node operations (adding/removing, promoting/demoting)
turned out to contain too many security problems so that
the second proposal, where each node get's a separate
key pair was chosen to be implemented.
Signed-off-by: default avatarHelga Velroyen <helgav@google.com>
Reviewed-by: default avatarKlaus Aehlig <aehlig@google.com>
parent 87ed6b79
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment