[tahoe-lafs-trac-stream] [tahoe-lafs] #2142: How to enhance WebUI default security?

tahoe-lafs trac at tahoe-lafs.org
Tue Dec 24 13:37:08 UTC 2013 

#2142: How to enhance WebUI default security?
------------------------------------------------+--------------------------
 Reporter:  amontero                            |          Owner:
     Type:  enhancement                         |         Status:  new
 Priority:  normal                              |      Milestone:
Component:  code-frontend-web                   |  undecided
 Keywords:  websec confidentiality privacy wui  |        Version:  1.10.0
                                                |  Launchpad Bug:
------------------------------------------------+--------------------------
 I'm setting up a LAN grid that where I would like to protect storage nodes
 WebUIs from casual eavesdroppers. I connect to storage nodes via WebUI to
 do checks and tests, and would like to be a bit safer to wireless
 sniffers, for instance.
 I assume that enabling SSL for all node's WebUIs would be enough for that,
 maybe I've overlooked something. Just common-sense rule-of-thumb: (most
 of)SSL will be better than NO SSL.
 Then I thought that the easiest way to do this is, not to even generate
 any certs locally, but reuse the "private/node.pem" existing one. Looks
 the easiest, good karma points.
 Perhaps that's not possible/advisable and is a blatant "no-no" that I
 could not be aware of. Tried reading the code a little and read
 https://github.com/tahoe-lafs/pycryptopp/blob/master/README.ed25519.rst
 and I'm not sure. But, here I've could be completely mislead and I don't
 understand most of it. My doubts are:
 * what security will have this "node.pem" key for webui SSL?
 * is "node.pem" even suitable for using it as SSL cert?

 I asked in IRC and was given nice alternatives, such as lafs-rpg or ssh
 tunnels, but doing by enabling just SSL I seem to understand that's not as
 easy and secure af it sounds. But here I might fall short on
 understandings of some crypto/PKI concepts. So, anyway at least as a FAQ I
 would like to know if it is possible or if it can be achieved someway.
 Here it might raise ideas, such as "why we don't generate a default
 'private/webui.pem' and recommend in tahoe.cfg comments?". I think that
 switching to from NO SSL to SSL WebUI is worth having, isn't it?

 I think making this a bit clear for non cryptologists could at least be a
 nice security FAQ, even if not advisable.

-- 
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2142>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list