Hi,
Is there any in-built security provided to the port represented by the env var EG_RESPONSE_PORT (default value 8877) in Enterprise Gateway?
We see TCP socket communication happening on this port and wondering if there is any vulnerability risk on this port and needs to be secured.
Thanks,
Debashis
Hi @debashis1982 - thanks for your question.
All responses received on this port are expected to utilize two forms of encryption - one that has encrypted a key, the other has encrypted the connection information of the remote kernel (using that key). The public/private key pair, used to secure the key are ephemeral - existing only during the lifetime of the EG process and never persisted.
If you have further questions, please open an issue or discussion item.
Thank you for your interest in EG.
Kevin.