Hi ReassuredTiger98 ,
Authentication-wise, all communication with the server is authenticated using a JWT token. In the open version, fileserver is indeed not included in this scheme (however, of you use any other object storage solution such as S3/minio, that's already built-in)
Heya ReassuredTiger98 ,
Is there anything specific you're looking for?
Hey 🙂
No, nothing specific. It is just that users can get a sense of false security.
I think in the open source it's bring your own security on most cases ^^
It's still worth mentioning that HTTPS termination is up to the deployment, and is highly recommended if you deploy your server in an open network.
SuperiorPanda77 Would love to get a PR if you're up for it
Thank you! I agree with CostlyOstrich36 that is why I meant false sense of security 🙂
Thank you SuccessfulKoala55 so actually only the file-server needs to be secured.
I think a note about the fileserver should be added to the https://clear.ml/docs/latest/docs/deploying_clearml/clearml_server_security page!