>> I was wondering how easy/hard is it for a hacker to control my hosts >> by impersonating puppetmaster, say by poisoning DNS to point >> puppet.dom.ain to their own server? >> Are there reasosns why that would not work? > > The SSL layer and its key exchange mechanism should handle that.
New agents would not know the difference, however, and trust the attacker's master. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
