[ale] Command name

Brian MacLeod nym.bnm at gmail.com
Tue Oct 11 11:51:31 EDT 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 10/10/11 11:23 PM, Robert Heaven wrote:
> The really hard part of using ssh keys is not the initial 
> distribution of the keys, it's the long term maintenance problems. 
> To solve both issues, one simple way is:
> 
<snip>
> 
> 
> I'm still thinking through the issue of changing the key, in case 
> it ever gets lost or compromised.


Using a centralized configuration engine (cfengine, puppet, and the
like) makes this a lot easier (initial and subsequent distributions).

Also require a completely different key set or other options to the
primary management server in case of compromise.

Brain

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)

iQE4BAEBCAAiBQJOlGYDGxhoa3A6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbQAKCRD5
XCJY/q4Y6KDTB/9sT9I3MYTY8JbyOolnLl+nmucNpVUsFHPuSVwb531sOXWNQT6t
V12pj3yDo2Zdn1IHnV7CALLjepHxLAXD4akw+UakVnl4vf2yrQme0Be7moDV0Wbx
t3j1UIkTgIm1OTKQCInz3bqq/ouGewL5/SEd23h0BnqKUH5pLenkNCQ3d8w7DzXU
0U7FXBfDfAl6gC5e5jRdGYpu1yYHboHOSW3KNs6Put3rGhFWwA+MPQSoWY2bcURr
cXrvmFTi4I8wd/m+CFtl+WiLfPeI/Kg2uGQQMMQd11CmkkQoqPDZE0dh+nhoJkx8
ZioE6ghtLk6uK4Rj4V4WyhlyR7EgfsMYWkal
=5852
-----END PGP SIGNATURE-----


More information about the Ale mailing list