One way to secure the tentacle server is to configure certificates on server and client by verifying the certificate with a specific CA on both.
For this configuration we will have to indicate the certificates and keys used for encryption in the configuration of the Tentacle server and the clients.
Launching the server by hand we will have to include the -e, -k y -f parameters:
# su - pandora -s /bin/bash # tentacle_server -v -e tentacle_cert -k tentacle_key -f ca_cert -s /tmp
Launching the client by hand we will have to include the -e, -k y -f parameters:
# echo test > file.txt # tentacle_client -v -e tentacle_client_cert -k tentacle_client_key -f ca_cert -a
If this manual execution works correctly, we can make the configuration permanent.
For the tentacle server we will modify the file /etc/tentacle/tentacle_server.conf
ssl_cert tentacle_cert ssl_ca ca_cert ssl_key tentacle_key
For Pandora agents we will modify the file /etc/pandora/pandora_agent.conf o %ProgramFiles%\pandora_agent\pandora_agent.conf (depending on the operating system):
server_opts -e tentacle_client_cert -k tentacle_client_key -f ca_cert
For Pandora satellite servers we will modify the /ect/pandora/satellite_server.conf:
server_opts -e tentacle_client_cert -k tentacle_client_key -f ca_cert