mirror of
https://github.com/ostreedev/ostree.git
synced 2024-12-22 17:35:55 +03:00
d4adb79539
Document options for accessing repositories that require authentication.
1.0 KiB
1.0 KiB
nav_order |
---|
9 |
Handling access to authenticated remote repositories
{: .no_toc }
- TOC {:toc}
There is no default concept of an "ostree server"; ostree expects to talk to a generic webserver, so any tool and technique applicable for generic HTTP can also apply to fetching content via OSTree's builtin HTTP client.
Using mutual TLS
The tls-client-cert-path
and tls-client-key-path
expose the underlying HTTP code for mutual TLS.
Each device can be provisioned with a secret key which grants it access to the webserver.
Using basic authentication
The client supports HTTP basic
authentication, but this has well-known management drawbacks.
Using cookies
Since this pull request ostree supports adding cookies to a remote configuration. This can be used with e.g. Amazon CloudFront.