Setup a Minion to Master Validation Fingerprint

In highly secure network configurations you may wish to ensure your minions are connecting a specific master. To setup validation from minion to master enter the masters fingerprint within the /etc/salt/minion configuration file. See the following procedure:

  1. On the master enter the following command as root and note the fingerprint:

    salt-key -F master

    On your minion, open the minion configuration file located in /etc/salt/minion. Uncomment the following line and enter the masters fingerprint replacing the example fingerprint:

    master_finger: 'ba:30:65:2a:d6:9e:20:4f:d8:b2:f3:a7:d4:65:11:13'
  2. Restart the salt-minion service:

    # systemctl restart salt-minion

For more information on configuring security from a minion see: https://docs.saltstack.com/en/latest/ref/configuration/minion.html