On Wed, 26 May 2010 03:40:33 -0500
Rob Townley <rob.town...@gmail.com> wrote:
> Tinc does not have a common shared secret between peers but that would
> probably be an improvement to make it more like the hamachi vpn. If
> both nodes do not have each other's public key host file, they should
> not be able to communicate when tinc is in strict mode. In order to
> receive something from another tinc node, you would need to trick the
> remote node into getting your tinc host key file. Probably not all
> that hard of a trick, but a good reason to have central management of
> a mesh network.
> Tinc-vpn does not use a Certificate Authority nor X.509, so that is a
> weakness of tinc on a large scale. Each tinc node uses a host
> text file containing a RSA public key that needs to be distributed
> manually to each node if using a strict (tinc version 1.13)
> connection configuration. The mesh nature in a less strict / less
> secure config allows nodes to connect to other nodes that it does not
> have a public certificate for by connecting to an intermediate node.
> A central management point such as available in freeIPA or
> ocsinventory-ng would make tinc more favorable.
If tinc used kerberos as an optional authentication method then it
would not even need the additional RSA public/private key pairs.
All it would need is to have a host keytab and access to the FreeIPA
server to get a ticket for the other machine. At that point you have
mutual authentication and blessing from the KDC. The only downside is
that p2p connection wouldn't work if the central server is not
reachable at all, but that's probably ok.
Anyway, this is a very interesting idea, if someone wants to play with
it I am willing to lend a hand to help the effort. Although at the
moment we do not have time/resources to start an effort on our own, we
may reconsider this after we get 2.0 out of the door.
Simo Sorce * Red Hat, Inc * New York
Freeipa-users mailing list