Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-14118

Support Host Key verification

    XMLWordPrintable

Details

    • Story
    • Status: Resolved (View Workflow)
    • Minor
    • Resolution: Fixed
    • Next
    • 30.0.0
    • None
    • Security Level: Default (Default Security Scheme)

    Description

      When opening a connection to a remote device, we should verify the host key against a known fingerprint. This fingerprint should be stored in metadata. This can be opt-in by not doing a check if no host-key is assigned.

      Without host-key checking, we will send the username/password credentials to every host on which the monitor is configured. This could potentially leak the credentials..

      Attachments

        Activity

          People

            fooker Dustin Frisch
            fooker Dustin Frisch
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.