Setup a Minion to Master Validation Fingerprint
In highly secure network configurations you may wish to ensure your minions are connecting a specific master.
To setup validation from minion to master enter the masters fingerprint within the /etc/salt/minion
configuration file.
See the following procedure:
-
On the master enter the following command as root and note the fingerprint:
salt-key -F master
On your minion, open the minion configuration file located in
/etc/salt/minion
. Uncomment the following line and enter the masters fingerprint replacing the example fingerprint:master_finger: 'ba:30:65:2a:d6:9e:20:4f:d8:b2:f3:a7:d4:65:11:13'
-
Restart the salt-minion service:
# systemctl restart salt-minion
For more information on configuring security from a minion see: https://docs.saltstack.com/en/latest/ref/configuration/minion.html