Difference between revisions of "Reset Encryption Data"

From FOG Project

Revision as of 01:33, 15 September 2015

This pertains to the new fog client available in FOG 1.3.0 and above, and does not apply to the legacy fog client that was available in 1.2.0 and below.

The “Reset encryption data” action mainly does one thing: it clears the security token for a host.

Each host has a security token used by the client. This token is private and protected; only the client knows it. It is used to prove the identity of the host, ensuring no one ‘fakes’ being a certain host. So when you ‘Reset Encryption Data’, you are essentially telling the server that the first host to say that they are the host in question gets ‘locked’ in (pinned is the technical term).

In order to have encrypted traffic, the handshake must occur. During the handshake the server proves its identity to the client, and the client proves its identity to the server (using the security token). If the handshake fails (due to a bad security token), encryption cannot occur.

The most common scenario where the security token for a client will be incorrect is when you manually uninstall a client and then install it again.
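
The pin, reject and reset behaviour described above can be modelled as a small state machine. This is an added example, not FOG's server or client code: the class, method and host names are hypothetical, and the real handshake's encrypted token exchange is reduced here to a direct comparison of token digests.

```python
import hashlib
import hmac
import secrets


class HostRegistry:
    """Simplified server-side model of per-host token pinning (not FOG's code)."""

    def __init__(self):
        self._pins = {}        # host name -> SHA-256 digest of the pinned token
        self.rejections = []   # host names whose handshake failed, for review

    @staticmethod
    def _digest(token: bytes) -> bytes:
        return hashlib.sha256(token).digest()

    def handshake(self, host: str, token: bytes) -> str:
        presented = self._digest(token)
        pinned = self._pins.get(host)
        if pinned is None:
            # No token on record: the first presenter is locked in (pinned).
            self._pins[host] = presented
            return "pinned"
        if hmac.compare_digest(pinned, presented):
            return "ok"
        # Bad token: identity not proven, so no encrypted session is set up.
        self.rejections.append(host)
        return "rejected"

    def reset_encryption_data(self, host: str) -> None:
        # Clears the pin; the next handshake for this host pins a new token.
        self._pins.pop(host, None)


def reinstall_scenario() -> list:
    """Constructed walk-through: install, uninstall/reinstall, then reset."""
    server = HostRegistry()
    old_token = secrets.token_bytes(32)   # token held by the first install
    new_token = secrets.token_bytes(32)   # a fresh install no longer has old_token
    steps = [
        server.handshake("lab-pc-01", old_token),   # first contact
        server.handshake("lab-pc-01", old_token),   # normal operation
        server.handshake("lab-pc-01", new_token),   # after reinstall
    ]
    server.reset_encryption_data("lab-pc-01")
    steps.append(server.handshake("lab-pc-01", new_token))  # re-pinned after reset
    steps.append(server.handshake("lab-pc-01", old_token))  # stale token now fails
    return steps
```

Because a reset pins whichever client presents a token first, it is best performed when the legitimate client is expected to check in next, and rejected handshakes for a host are worth reviewing before resetting it.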