This repository has been archived by the owner on Feb 23, 2023. It is now read-only.

RFC #1: Renewal proxy for the VMs instead of a cert (pub,key)

Víctor Méndez edited this page Jun 4, 2013 · 3 revisions

This is a request for comments on the next-generation security method for the Virtual Machines. The aim is to avoid the risk of putting a certificate's private key in the VMs, even when the keys are in private images or are securely copied to the VMs. A more secure approach would be to use a temporary X509 proxy; by the nature of this method, secure copy would be the way to put it in the VMs. The DIRAC proxy manager Agent could be used to renew the VMs' proxies when they are close to expiring. The secure approach is to keep all control of the renewal on the DIRAC server side, so initially ssh access is necessary to copy the proxy. Unfortunately, this method is not always supported by IaaS providers. Ideas? Comments?
