perfsonar-user - [perfsonar-user] MA authentication feature request
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Casey Russell <>
- To:
- Subject: [perfsonar-user] MA authentication feature request
- Date: Thu, 10 May 2018 12:46:56 -0500
- Ironport-phdr: 9a23:kqO2cxaYfNTMIez48UCnoir/LSx+4OfEezUN459isYplN5qZr8m6bnLW6fgltlLVR4KTs6sC17KN9fi4EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQpFiCazbL9oMBm6sRjau9ULj4dlNqs/0AbCrGFSe+RRy2NoJFaTkAj568yt4pNt8Dletuw4+cJYXqr0Y6o3TbpDDDQ7KG81/9HktQPCTQSU+HQRVHgdnwdSDAjE6BH6WYrxsjf/u+Fg1iSWIdH6QLYpUjmk8qxlSgLniD0fOjA5/m/ZidF+grxHrx+6vRNz35TZbZuJOPZifK7Qe84RS2pbXsZWUixMGp2xYJEUD+UfPedTspXzp0YVrRulGwasAOfvwSJPi3Dqx606zv8hERrY0wwkG9IDq3fUo8/zNKcIT++1yrPEzTPdYPNKwDrw7pXDfB4mofGJR71wcMzRxFErFwPEiFWQqpLqMC6U1uQLqWSU8+1gVee3h247pQBxoySvxtsyhYnTnI4a1lfE9SBhzIY2P9K4TlR7bsCiEJdKsSGVKZd2T8U/SG9roCY30qMKtJ+ncCUIzZknyR3SZOebf4WN7R/vSPqdLDl9iX15ZL6/iRO//E2+xuHiTca51ktBoDBfndnWrH8N0gTe6siZRft5+UeswTOP2BrS6uFAOEw0krbbJ4I4zr8/iJYfr1/MEjX5mEXxi6+WeUEk9fay5+v7ZbXmo4eQN45yig7gLqQjgtKzDOUkPgUMWmWb9+ex26b/8UD8T7hGkuE6n6fcvZ/GOcgbqKu0DgpL3oo98BmzFzKm384ZnXkDIlJFYhWHj43xNl7SOvD4EOy/g0+ynzdvw/DLJb7hDY/LLnjZjrjhe6xx60hCxwov1dxf/Y5bCqkdIPLvXU/8rMTYAQEjMwy62ObnD9N92ZkEWW6WH6+ZK73dsUWT6+IrIumMf5MVuC3jJ/Q/5v7ui2M5lkEHfamvw5QXdG60Eu54LEqEfHq/yusGRH8HpAQlS+rjkhifSjNJT3e0Q68m4DwnUsSrAZqQaJqqhemq1Ty2D9Vse3tdB1SIWSPjbZifQPoIbAqRK8l7nzpCU7W9HdxynSqyvRP3nuI0ZtHf/TcV4Mru
There might be a better place to make feature requests, but I'm sitting here adding 40+ individual "authenticate by IP" entries to esmond (again) because I reinstalled a host that participates in a large mesh.
785-856-9809
It occurs to me, it would dramatically simplify these authentication setups if I could say (perhaps in the meshconfig-agent.conf file?) something along the lines of esmond_authenticate=yes So that any hosts that are a part of the "mesh configured" testing could be automatically authenticated by IP (and IPv6).
I realize you'd have to do lookups for both A and AAAA records and somehow feed that to esmond. But this would reduce the complexity of configuring these meshes (and making them green up) by a massive amount.
I'd recommend of course that the default setting be esmond_authenticate=no so the default behavior is the (presumably safer) option where you have to manage authentication manually.
thoughts?
Sincerely,
Casey Russell
Network Engineer
785-856-9809
2029 Becker Drive, Suite 282
Lawrence, Kansas 66047
Lawrence, Kansas 66047
- [perfsonar-user] MA authentication feature request, Casey Russell, 05/10/2018
- Re: [perfsonar-user] MA authentication feature request, Andrew Lake, 05/10/2018
Archive powered by MHonArc 2.6.19.