Pandora: QuickGuides EN: Secure communication with tentacle
1 Configure Tentacle including security options
How to configure both agents and Tentacle server for secure communication, using a Tentacle proxy.
First, we recommend carrying out manual tests from the terminals to to ensure that the configuration, parameters and certificates are correct.
1.1 Manual testing
1. Manually boot the tentacle_server:
sudo -u user tentacle_server -x password -e tentaclecert.pem -k tentaclekey.pem -f cacert.pem -s /tmp -v
2. Manually boot the proxy (only follow this step if you are using a Tentacle proxy): sudo -u user tentacle_server -b ip_server -g 41124
3. Manually launch tentacle_client:
sudo -u user tentacle_client -a ip_proxy/ip_server -x password -e tentaclecert.pem -k tentaclekey.pem -v /bin/ls (or any file)
ALWAYS indicate in the parameters the absolute paths where the certificates are, for example,/home/tentaclecert.pem
Once you've checked that the file send has been successful, you can permanently configure the tentacle_server and the clients.
To configure the tentacle_server to include certification options, edit the service start-up script tentacle_serverd, usually found in /etc/init.d/tentacle_serverd, as you would when configuring an intermeditae point to function as a proxy.
To configure agents to use Tentacle's secure communications, edit the configuration files pandora_agent.conf, usually found in /etc/pandora/pandora_agent.conf.