1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 <2022> 2023 2024 | Index | 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 <2022> 2023 2024 |
<== Date ==> | <== Thread ==> |
---|
Subject: | RE: Allowing localhost in access control files |
From: | Freddie Akeroyd - STFC UKRI via Tech-talk <tech-talk at aps.anl.gov> |
To: | Simon Rose <Simon.Rose at ess.eu>, "ralph.lange at gmx.de" <ralph.lange at gmx.de>, "tech-talk at aps.anl.gov" <tech-talk at aps.anl.gov> |
Date: | Tue, 14 Jun 2022 16:22:34 +0000 |
Hi Simon, we bind all our IOCs to localhost on each host and then use a CA gateway on the same machine to control any required access from the main network to loopback Regards, Freddie
From: Tech-talk <tech-talk-bounces at aps.anl.gov>
On Behalf Of Simon Rose via Tech-talk Hello Ralph - That might work on at least one of our hosts, but some of them will also want to be able to be accessed from outside, unfortunately. S. From:
Tech-talk <tech-talk-bounces at aps.anl.gov> on behalf of Ralph Lange via Tech-talk <tech-talk at aps.anl.gov> On Mon, 13 Jun 2022 at 15:27, Simon Rose via Tech-talk <tech-talk at aps.anl.gov> wrote:
Actually... If the only aim is to restrict access to clients on the local machine (e.g. for test environments to not affect other hosts), I would bind the IOC's server to localhost and not use AS. Cheers, This email and any attachments are intended solely for the use of the named recipients. If you are not the intended recipient you must not use, disclose, copy or distribute this email or any of its attachments and should notify the sender immediately and delete this email from your system. UK Research and Innovation (UKRI) has taken every reasonable precaution to minimise risk of this email or any attachments containing viruses or malware but the recipient should carry out its own virus and malware checks before opening the attachments. UKRI does not accept any liability for any losses or damages which the recipient may sustain due to presence of any viruses. |