On 10/18/2010 10:59 PM, Jefferson, Shawn wrote:
Thanks! Before I write it though, one way of doing it with bigfix is to put
the client.keys in a hidden everyone read share. Obviously somewhat insecure
and I wonder what the ramifications of potentially leaking out all your
client.keys are?
Best case would be to only leave the share up until your deployment is done of
course.
There are other ways to do it as well that are more secure, but not as flexible.
That right there is the crux of the issue. Almost every solution I have
come up with involves this trade-off, but in some situations it's not so
bad. I have a couple of methods I will post as well as long as I can
complete the testing and posts in the next few days. Otherwise, they'll
have to wait a bit.
--
Michael Starks
[I] Immutable Security
http://www.immutablesecurity.com
