Hi,
We have a few systems we'd like to setup with security and
authentication:
http://www.pcp.io/docs/lab.secure.html
http://www.pcp.io/docs/lab.auth.html
I have 2 questions:
1. In the "Secure Connections" documentation, the documentation seems
to be about certificates on the server side and ensuring the
authenticity of the of the server(pmcd). Has anyone looked into
implementing support for client(pmlogger, pminfo, etc) side certificates
for authentication/access-control?
Alternatively, should this be done through SASL authentication and
something like X509 certificates, which seem to be supported by SASL,
but I can't find any documentation on.
2. Is it possible to configure pmcd to reject all
non-secure/non-authenticated remote connections?
Basically I would like to do authentication based on a client side
certificate, and reject all other connections. Sorry if my terminology
is a little wrong, just starting to get my head around this stuff.
Thanks
Martins
|