Introduction
Before going further, let's make sure the foundational concepts are clear. Here is a quick introduction if you are unfamiliar with Puppet. Puppet is a tool that lets you automate and manage server configuration. With Puppet, you specify the desired state of the infrastructure systems you want to manage.
Adding node credentials
Add credentials to nodes to fix vulnerabilities and gain access to resources that have been discovered. Each credential is secured in the vault and encrypted.
The two authentication techniques are Windows Remote Management (WinRM) authentication with Windows nodes on ports 5986 and 5985 and Secure Shell (SSH) authentication with Linux nodes on port 22.
Secure Shell (SSH)
The two methods of SSH authentication are private key files with asymmetric encryption and username and password with negotiated encryption.
💁 There are a few requirements when using SSH authentication to find resources running on Linux nodes:
💡 Your SSH credentials need to be for the root account to install the Puppet agent on nodes.
💡 Your SSH credentials must be for the root account or a member of the Docker group to discover containers on nodes.
Add SSH private key files.
📁 To access resources and perform operations on your Linux hosts, upload an SSH private key file.
1. Click Manage Credentials in the sidebar.
2. Select Add credentials, and then click SSH private key file.
3. Select your files, click Browse, and then click Open.
4. Select Configure keys.
5. Enter a distinct and informative name in the Name field.
6. Assign the credential one scope, or both:
   Discover resources on nodes: This credential scope can only be used to discover resources on your Linux nodes.
   Run tasks: This credential scope can only be used to run tasks on your Linux nodes. No attempt is made to discover resources when this scope is chosen.
   Escalate privileges to root: When necessary, sudo elevates a non-root account's privileges to root to run tasks on nodes. Privilege escalation takes place when an attempt to run a task with non-root privileges fails.
7. In the Username field, enter your SSH username.
8. Enter your SSH passphrase in the Passphrase field, or leave it empty if your key is not encrypted.
9. Select Add keys.
Add SSH username and password.
📁 To find resources and perform operations on your Linux hosts, add an SSH username and password.
1. Click Manage credentials in the sidebar.
2. Click SSH credential.
3. Enter a specific and descriptive name in the Name field.
4. Assign the credential one scope, or both:
   Discover resources on nodes: This credential scope can only be used to discover resources on your Linux nodes.
   Remediate vulnerabilities: This credential scope can only be used to run tasks on your Linux nodes. No attempt is made to discover resources when this scope is chosen.
   Escalate privileges to root: When necessary, sudo elevates a non-root account's privileges to root to run tasks on nodes. Privilege escalation takes place when the first attempt to complete a task with non-root privileges fails.
5. Enter your SSH username in the Username field.
6. Enter your SSH password in the Password field, and then select Add Credential.
Windows Remote Management (WinRM)
Puppet Remediate uses NTLM authentication over HTTPS on port 5986 to establish a connection with Windows nodes. When enabled, Remediate uses NTLM authentication over HTTP on port 5985 as a fallback method if the default authentication is unsuccessful.
You must enable WinRM access on each host to find resources on your Windows hosts. To do this, run the commands below:
Add WinRM Credentials
1. Click Manage credentials in the sidebar.
2. Click WinRM credential.
3. Enter a distinct and descriptive name in the Name field.
4. Assign the credential one scope, or both:
   Discover resources on nodes: This credential scope can only be used to discover resources on your Windows nodes.
   Remediate vulnerabilities: This credential scope can only be used to run tasks on your Windows nodes. No attempt is made to discover resources when this scope is chosen.
5. Select HTTP fallback to allow authentication over HTTP if the default HTTPS authentication fails.
A node definition, also called a node statement, is a block of Puppet code that is included only in the catalogs of matching nodes. This lets you assign particular configurations to particular nodes.
What ports does Puppet use?
Port 8140 is the default for HTTPS traffic in Puppet. The OS and firewall must permit the JVM process inside the Puppet Server to accept incoming connections on this port. The web server's port can be changed.
What kind of architecture does Puppet adhere to?
Puppet employs a client-server or master-slave architecture. The Puppet client and the Puppet server communicate over SSL (Secure Sockets Layer). The system is model-driven.
Conclusion
In this article, we discussed adding node credentials: Secure Shell, including how to add SSH private key files and how to add an SSH username and password, and Windows Remote Management.
We hope this blog has helped you enhance your knowledge of Node Concepts in Puppet Remediate.