329
you are viewing a single comment's thread
view the rest of the comments
[-] nickwitha_k@lemmy.sdf.org 10 points 2 years ago

So is using "pass" as the password to all of your sensitive systems. Still not best, or even good practice.

[-] JWBananas@startrek.website 19 points 2 years ago

Are you conflating self-signed and untrusted?

Self-signed is fine if you have a trusted root deployed across your environment.

[-] nickwitha_k@lemmy.sdf.org 6 points 2 years ago

Correct. If using actual pki with a trusted root and private CA, you're just fine.

I took the statement to mean ad-hoc self-signed certs, signed by the server that they are deployed on. That works for EiT but defeats any MitM protection, etc.

this post was submitted on 02 Oct 2023
329 points (100.0% liked)

Sysadmin

8826 readers
9 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 2 years ago
MODERATORS