Security on public network #2136
Hey,

I decided to connect Nomad clients and servers through a public network.

As far as I see, by default Nomad doesn't allow for authorizing its API endpoint (it can only use TLS for encrypting traffic, but not for authorizing, as anyone can easily access and issue commands on an exposed HTTPS API endpoint with something like the `--insecure` flag of curl). I figured out I can put Nomad's API behind an nginx proxy with basic auth enabled to secure the communication, but I have concerns whether the same bypass isn't possible for RPC and gossip traffic. So here is the question I'd like to ask:

Is it secure to expose RPC (with TLS enabled) and gossip (with encryption enabled) endpoints on a public network? Is it possible for an attacker to inject an arbitrary command, just like with the HTTP endpoint?

And if not: how can we enforce token or username/password authorization for all ports Nomad uses?

Comments

Also: if there's no authorization when using TLS encryption, what is the exact use case for it? It seems encrypting traffic with TLS is meaningless if anyone with access to the network where TLS takes place can retrieve any information by querying any API with

@sheerun As you have identified, encryption and authentication/authorization are separate issues. TLS is an important first step so that sensitive data being sent to servers/clients is not sent over plaintext on the network. We plan to handle the authN/authZ problem for HTTP with ACLs similar to Consul. This is on the roadmap but does not exist currently. As to exposing the RPC/Serf ports, that is fine when using TLS since we do mutual authentication; thus we are using the certificate to authenticate. I am going to close this issue since we have #227 and #589 open to address these issues! I hope I answered all your questions. If not please let me know 👍

I'm going to lock this issue because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active issues.
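The thread draws a line between encrypting a port and authenticating the peer on it: the maintainer's answer is that RPC and Serf are safe to expose because they do mutual TLS and gossip encryption, while the HTTP API at the time only encrypted. The agent configuration below is an added example written for this page, not the project's own code or anything attached to the issue. It assumes a Nomad release whose `tls` stanza supports `verify_https_client` (the thread does not confirm when that setting became available), and the file paths and the key placeholder are invented for illustration.

```hcl
# Added example, not from the issue thread. Server agent config that encrypts
# AND authenticates every port Nomad listens on. Assumes a Nomad release whose
# tls stanza supports verify_https_client; paths and key are placeholders.

server {
  enabled          = true
  bootstrap_expect = 3

  # Serf/gossip: symmetric key shared by every agent. Generate it once with
  # `nomad operator keygen`; agents without the key cannot join or read gossip.
  encrypt = "REPLACE_WITH_OUTPUT_OF_nomad_operator_keygen"
}

tls {
  # RPC (4647): with rpc = true Nomad requires a certificate signed by ca_file
  # from every peer, so the channel is both encrypted and authenticated.
  rpc  = true
  # HTTP API (4646): http = true alone only encrypts the channel.
  http = true

  ca_file   = "/etc/nomad.d/tls/nomad-ca.pem"
  cert_file = "/etc/nomad.d/tls/server.pem"
  key_file  = "/etc/nomad.d/tls/server-key.pem"

  # Outgoing RPC: also check that the peer's cert carries the expected server
  # name (e.g. server.global.nomad), so a client cert cannot pose as a server.
  verify_server_hostname = true

  # HTTP API: require a client certificate issued by ca_file. Without this line
  # `curl --insecure https://host:4646/v1/jobs` still succeeds for anyone who
  # can reach the port, which is exactly the bypass the issue describes.
  verify_https_client = true
}
```

Check it from a host on the same network: `curl --insecure https://host:4646/v1/agent/members` should now fail during the TLS handshake because no client certificate is offered, while `curl --cacert nomad-ca.pem --cert client.pem --key client-key.pem https://host:4646/v1/agent/members` succeeds. Client agents need the same `tls` stanza with their own certificates, and CLI users set `NOMAD_CACERT`, `NOMAD_CLIENT_CERT` and `NOMAD_CLIENT_KEY`. The caveat the maintainer's reply implies still holds: mutual TLS answers "who is connecting", and every holder of a CA-signed certificate gets the same full access; per-user or per-token authorization is the ACL work the reply places on the roadmap.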