Hello all
I have found some older posts about people asking about password protecting the ssh-keys that the nodes use to communicate with eachother.
Many say that it will break certain functionality.
I was wondering if this is still the case? Or have those features that would have broke, now use the proxmox API instead?
My largest concern is that, if one node gets compromised, it is extremely easy for the threat actor to pivot across your entire proxmox cluster in 2 seconds.
My current thoughts on mitigating this is to add a pass-phrase to the ssh-keys granted nothing breaks. Unless there is another way to mitigate this?
Cheers!
I have found some older posts about people asking about password protecting the ssh-keys that the nodes use to communicate with eachother.
Many say that it will break certain functionality.
I was wondering if this is still the case? Or have those features that would have broke, now use the proxmox API instead?
My largest concern is that, if one node gets compromised, it is extremely easy for the threat actor to pivot across your entire proxmox cluster in 2 seconds.
My current thoughts on mitigating this is to add a pass-phrase to the ssh-keys granted nothing breaks. Unless there is another way to mitigate this?
Cheers!