Learning SaltStack - Second Edition by Colton Myers

Key management

Key management is another area of Salt with a vast range of convenience/security trade-offs. For convenience, Salt does not require you to manually transfer the keys between masters and minions in order for authentication to occur. Instead, the minion will contact the master, and the master will cache the minion's public RSA key, awaiting manual approval.

Often, if we just created the minion in question and a minion of that name appears in the master's key list, we can assume with some degree of certainty that the key we're accepting is the key of the minion we just created.

However, it's possible that a malicious party could have contacted the master under the same name. In this case, we would be accepting a key from a malicious ...
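One way to close that gap is to accept a pending key only when its fingerprint matches the one read on the minion itself (for example with `salt-call --local key.finger`). The script below is an added example, not code from the book; the function names and the sample output are constructed, and the `salt-key -f` output layout it parses is an assumption.

```shell
#!/bin/sh
# Added example: accept a pending minion key only after its fingerprint
# matches one obtained out-of-band from the minion.

# Constructed sample of the assumed `salt-key -f` output layout.
SAMPLE_OUTPUT='Accepted Keys:
web01:  11:22:33:44
Unaccepted Keys:
web02:  aa:bb:cc:dd'

# Normalise a fingerprint: strip whitespace, lowercase hex digits.
normalize_fp() {
    printf '%s' "$1" | tr -d '[:space:]' | tr 'A-F' 'a-f'
}

# Succeed only if both fingerprints are non-empty and identical.
fingerprints_match() {
    a=$(normalize_fp "$1")
    b=$(normalize_fp "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Read key-listing output on stdin and print the fingerprint of minion $1,
# but only if it is listed under "Unaccepted Keys:". An accepted or denied
# key with the same name is ignored, so it cannot satisfy the check.
extract_pending_fp() {
    awk -v id="$1" '
        /Keys:$/ { section = $0; next }
        section == "Unaccepted Keys:" && $1 == id ":" { print $2; exit }'
}

# Accept the key for minion $1 only if the pending fingerprint equals $2.
accept_if_verified() {
    minion_id=$1
    expected_fp=$2
    pending_fp=$(salt-key --no-color -f "$minion_id" | extract_pending_fp "$minion_id")
    if fingerprints_match "$expected_fp" "$pending_fp"; then
        salt-key -y -a "$minion_id"
    else
        echo "fingerprint mismatch for $minion_id: key not accepted" >&2
        return 1
    fi
}

# Usage on the master: ./accept-key.sh <minion-id> <fingerprint-from-minion>
if [ "$#" -eq 2 ]; then
    accept_if_verified "$1" "$2"
fi
```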
