chef - [chef] Securing Knife

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Securing Knife

From: "Kemp, Joseph A. (JKEMP)" < >
To: " " < >
Subject: [chef] Securing Knife
Date: Wed, 6 Nov 2013 22:40:32 +0000
Accept-language: en-US

I am puzzled how to secure the use of knife in open source chef. If I add a password to the user PEM I am forced to enter the password multiple times for each knife command. So that’s not a very user friendly option. Someone else suggested storing the pem on an encrypted file system/device/etc. What is the best practice to provide controlled admin access to the chef server? It’s a little unnerving that someone with a copy of any admin PEM file gains complete control over your infrastructure. I feel like I must be missing something.

Thanks,

-Joe

[chef] Securing Knife, Kemp, Joseph A. (JKEMP), 11/06/2013
- [chef] Re: Securing Knife, Mike, 11/06/2013
  - [chef] RE: Re: Securing Knife, Kemp, Joseph A. (JKEMP), 11/06/2013
    - [chef] Re: Securing Knife, Brad Knowles, 11/06/2013
  - [chef] RE: Re: Securing Knife, Kadel-Garcia, Nico, 11/07/2013
    - [chef] Re: RE: Re: Securing Knife, Julian C. Dunn, 11/07/2013
      - [chef] RE: Re: RE: Re: Securing Knife, Kemp, Joseph A. (JKEMP), 11/07/2013
        
        [chef] Re: RE: Re: RE: Re: Securing Knife, Ranjib Dey, 11/07/2013
        
        [chef] Re: Re: RE: Re: RE: Re: Securing Knife, Lamont Granquist, 11/09/2013
        
        [chef] RE: Re: Re: RE: Re: RE: Re: Securing Knife, Kadel-Garcia, Nico, 11/09/2013
        [chef] Re: RE: Re: Re: RE: Re: RE: Re: Securing Knife, Phil Cryer, 11/09/2013