Okay, I totally did see this in the release notes but I read it that you weren't allowing certificates with IP addresses in them, not that you wouldn't allow IP authentication in auth.conf at all.
Jul 17 14:52:46 sj2-puppet puppet-master[13998]: Authentication based on IP address is deprecated; please use certname-based rules instead I don't feel that it is reasonable to expect that every puppet customer match up their naming scheme to their IP blocks, nor to want to list every possible naming scheme in their authorization list when an IP bitmask will do the job much more simply. I don't mind or care about IPs in certificates--I've never seen this, and don't expect to. But disallowing IP-based authentication is going to be very difficult at many sites, and possibly allow things which were never intended. Please reconsider this. -- Jo Rhett Net Consonance : net philanthropy to improve open source and internet projects. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
