Greetings list, I was hoping you could offer a small piece of advice, re:
TLS certificates and rsyslog;

I have a farm of Ubuntu instances in the Amazon EC2 cloud, and am
implementing encrypted remote syslogging.  In the gssapi documentation, it
states that it is a bad idea to "use these [host certificates] on more than
one instance, [because] doing so would prevent [me] from distinguishing
between the instances and thus would disable useful authentication."

This would mean that not only do I have to create over 50 client certs to
start with, but because of the way in which we currently back up & provision
EC2 cloud server instances, I would have to generate a new host cert on
every instance reboot.  Besides the obvious security concerns, what effects
would there be from sharing a cert as it is explicitly stated to not do?
How indistinguishable does the log traffic become?  Don't remote syslog
messages come with a hostname in plaintext anyway?  (Besides, rsyslog has
templated output too!)  Would time-stamp collisions cause logging failures?


If the issues are not unresolvable, my plan is to generate a unique client
certificate per machine TYPE (webserver, DB & slaves, load-balancer, api
proxy, etc.) thus allowing me to continue with our current method of
single-image instance provisioning, while gaining (mostly) secure
centralized logging.  I'd appreciate some experienced insight into the
matter, of course, hence this email.

Regards,
-G

Gavin McDonald
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
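
An added illustration of the distinction the question turns on (not part of the original post, and not rsyslog code): a receiver-side check that compares the hostname a syslog message claims with the name in the sender's TLS certificate, for both per-instance and per-type certificates. The role names, hostname prefixes, certificate names and sample lines are constructed assumptions.

```python
import re

# Constructed samples: (name from the sender's TLS certificate, raw syslog line).
# The HOSTNAME field inside the line is whatever the sender chose to write.
SAMPLES = [
    ("web-01.example.internal", "<34>Oct 11 22:14:15 web-01 nginx: started"),
    ("webserver", "<34>Oct 11 22:14:15 web-01 nginx: started"),
    ("webserver", "<34>Oct 11 22:14:15 web-02 nginx: started"),
    ("webserver", "<34>Oct 11 22:14:16 db-01 mysqld: ready"),
]

# Hypothetical mapping: shared per-type certificate name -> hostname prefix
# that instances of that type are expected to use.
ROLE_PREFIX = {"webserver": "web-", "database": "db-", "loadbalancer": "lb-"}

# RFC 3164 style header: <PRI>Mmm dd hh:mm:ss HOSTNAME ...
RFC3164 = re.compile(r"^<\d{1,3}>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d (\S+) ")


def claimed_host(line):
    """Return the hostname the message claims, or None if the header is malformed."""
    m = RFC3164.match(line)
    return m.group(1) if m else None


def classify(peer_name, line):
    """Say how strongly the TLS identity backs the hostname in the message.

    instance  - per-instance cert whose first label equals the claimed host
    role-only - shared per-type cert; the claimed host fits the type, but any
                instance holding that cert could have written any such hostname
    mismatch  - the claimed host is not consistent with the certificate
    unparsed  - no RFC 3164 header found
    """
    host = claimed_host(line)
    if host is None:
        return "unparsed"
    if peer_name in ROLE_PREFIX:
        return "role-only" if host.startswith(ROLE_PREFIX[peer_name]) else "mismatch"
    return "instance" if peer_name.split(".")[0] == host else "mismatch"


def report(samples=SAMPLES):
    """Classify every (certificate name, line) pair."""
    return [(peer, claimed_host(line), classify(peer, line)) for peer, line in samples]


if __name__ == "__main__":
    for peer, host, verdict in report():
        print(f"cert={peer:<26} claims={host:<8} -> {verdict}")
```

With the shared "webserver" certificate, the web-01 and web-02 lines are indistinguishable at the TLS layer; only the type is authenticated, and the hostname field remains sender-supplied.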
