Sysadmin

7716 readers

12 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 1 year ago

MODERATORS

[email protected]

308

You have a organizational identity right? (lemmy.zip)

submitted 1 year ago by [email protected] to c/[email protected]

35 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] -5 points 1 year ago (1 children)

So is using "pass" as the password to all of your sensitive systems. Still not best, or even good practice.

[–] [email protected] 18 points 1 year ago (1 children)

Are you conflating self-signed and untrusted?

Self-signed is fine if you have a trusted root deployed across your environment.

[–] [email protected] 4 points 1 year ago

Correct. If using actual pki with a trusted root and private CA, you're just fine.

I took the statement to mean ad-hoc self-signed certs, signed by the server that they are deployed on. That works for EiT but defeats any MitM protection, etc.