RHEL-2500

[RFE] Add a warning about using BASIC auth in insights-client.conf

    • Normal
    • sst_insights
    • False
    • Enhancement
      Feature, enhancement (describe the feature or enhancement from the user’s point of view):
      Reason (why has the feature or enhancement been implemented):
      Result (what is the current user experience):

      +++ This bug was initially created as a clone of Bug #2188004 +++

      Description of problem:
      Overall we are documenting "basic" authentication as an alternative to the "cert" method; however, when using basic authentication, the username and password remain in plain text.

      The goal of this RFE is not to provide encryption, but to add a warning in the configuration file to encourage customers to stick with "authmethod=BASIC"

      Version-Release number of selected component (if applicable):
      Focus on RHEL9 and RHEL8

      Actual text in insights-client.conf:
      ~~~
      # Change authentication method, valid options BASIC, CERT. Default BASIC
      #authmethod=BASIC
      # username to use when authmethod is BASIC
      #username=
      # password to use when authmethod is BASIC
      #password=
      ~~~

      Proposed text in insights-client.conf:
      ~~~
      # Change authentication method, valid options BASIC, CERT.
      # The recommended and default method is CERT.
      # Changing to BASIC is less secure and not recommended as the username and password will be stored in plain text in the configuration file.
      #authmethod=BASIC
      # username to use when authmethod is BASIC
      #username=
      # password to use when authmethod is BASIC
      #password=
      ~~~

      Additional info:

            mgrunwal@redhat.com Martin Grunwald
            ptoscano@redhat.com Pino Toscano
            RH Bugzilla Integration RH Bugzilla Integration
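
A comment in the file only warns; an administrator can also check hosts for the condition the warning describes. The following is an added example, not part of the original report or of insights-client: it flags an explicitly set `authmethod=BASIC`, a stored password, and file permissions that let other local users read it. The `[insights-client]` section name, the `audit_conf` and `audit_sample` helpers, and the sample file contents are assumptions made for illustration.

```python
import configparser
import os
import stat
import tempfile

# Assumption (not from the page): the options live in an [insights-client]
# section, as in the file shipped at /etc/insights-client/insights-client.conf.
SECTION = "insights-client"

# Constructed sample inputs: the shipped (commented-out) form and a BASIC setup.
SAMPLE_COMMENTED = "[insights-client]\n#authmethod=BASIC\n#username=\n#password=\n"
SAMPLE_BASIC = "[insights-client]\nauthmethod=BASIC\nusername=demo\npassword=example%1\n"


def audit_conf(path):
    """Return findings about plain-text credential exposure in one config file."""
    parser = configparser.RawConfigParser(strict=False)  # Raw: '%' is literal
    with open(path, encoding="utf-8") as fh:
        parser.read_file(fh)
    if not parser.has_section(SECTION):
        return []

    def option(key):
        return parser.get(SECTION, key, fallback="").strip()

    findings = []
    if option("authmethod").upper() == "BASIC":
        findings.append("authmethod=BASIC is set explicitly")
    if option("password"):
        findings.append("password is stored in plain text")
        mode = stat.S_IMODE(os.stat(path).st_mode)
        if mode & (stat.S_IRGRP | stat.S_IROTH):
            findings.append("mode %04o lets group/other read the password" % mode)
    return findings


def audit_sample(text, mode):
    """Write constructed config text to a temp file with `mode` and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "insights-client.conf")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)
        os.chmod(path, mode)
        return audit_conf(path)


if __name__ == "__main__":
    for name, text, mode in [("commented", SAMPLE_COMMENTED, 0o644),
                             ("basic 0600", SAMPLE_BASIC, 0o600),
                             ("basic 0644", SAMPLE_BASIC, 0o644)]:
        print(name, audit_sample(text, mode))
```

On a real host, call `audit_conf()` with the path to the installed `insights-client.conf`; commented-out options such as `#password=` are ignored by the parser and produce no finding.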