- This topic has 2 replies, 2 voices, and was last updated 2 days, 20 hours ago by
.
-
Posts
-
Hi!
With inverse connection mode, when a node is added to the ECS from the node itself, the public key of the node has to be present on the ECS.
How and when is this public key used ?
Is it used to encrypt key used for symmetric encryption between ECS & node ?
Thanks !
Regards,
Steve.
The key is used only to authenticate the node host, so that ECS is sure a connection is incoming from an authorized host. The encryption key is negotiated between client and server as part of initial SSL/SSH handshake.
Hi!
So the symetric encryption key is not encrypted with public key of the node stored in
/var/NX/nx/.nx/config/authorized.crt
?
How is the symetric encryption key protected during exchange ?
I’ve noticed sometimes the public key of a node is deleted fromĀ /var/NX/nx/.nx/config/authorized.crt when a node is deleted but it doesn’t seem to be done in a systematic way.
When exactly a public key is deleted fromĀ /var/NX/nx/.nx/config/authorized.crt file ?
Is it the same logic when the node is deleted from UI or with the command line ?
Thanks,
Regards,
Steve.
You must be logged in to reply to this topic. Please login here.