1450570 – [RFE] Bootdisks should be over an encrypted connection as an option.

Bug 1450570 - [RFE] Bootdisks should be over an encrypted connection as an option.

Summary: [RFE] Bootdisks should be over an encrypted connection as an option.

Keywords:
Status:	CLOSED DUPLICATE of bug 1248733
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Bootdisk Plugin
Sub Component:
Version:	6.2.9
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	Unspecified
Assignee:	Lukas Zapletal
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-05-13 09:28 UTC by Abhishek Sahni
Modified:	2021-09-09 12:19 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-05-17 11:56:08 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	SAT-4991	0	None	None	None	2021-09-09 12:19:50 UTC

Description Abhishek Sahni 2017-05-13 09:28:55 UTC

Description of problem:

As per documentation:

- https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/pdf/architecture_guide/Red_Hat_Satellite-6.2-Architecture_Guide-en-US.pdf 

- On page 16 it is stated in the diagram that the Satellite's Foreman module provides the bootdisk via tcp/80 to the Capsule's Pulp module (Or directly to hosts). Where bootdisks contain network sensitive information.

If satellite/capsule/host(s) will be on public network then information can be leaked - MITM (Man in the middle attack).

Comment 3 Lukas Zapletal 2017-05-17 11:56:08 UTC

Support for HTTPS handling is being worked on in iPXE project, so far the patch was not yet accepted by upstream.

*** This bug has been marked as a duplicate of bug 1248733 ***

Note You need to log in before you can comment on or make changes to this bug.