Date: Fri, 27 Jun 2008 12:21:16 +0100 From: Anton Shterenlikht <mexas@bristol.ac.uk> To: Mike Clarke <jmc-freebsd@milibyte.co.uk> Cc: freebsd-questions@freebsd.org Subject: Re: ssh StrictHostKeyChecking=no refuse connection when key changed Message-ID: <20080627112116.GA11096@mech-aslap33.men.bris.ac.uk> In-Reply-To: <200804281131.35233.jmc-freebsd@milibyte.co.uk> References: <20080425160939.GA9863@mech-aslap33.men.bris.ac.uk> <EA92F240-7932-42CB-A669-F63942EDD3D4@mac.com> <20080428093759.GA71558@mech-aslap33.men.bris.ac.uk> <200804281131.35233.jmc-freebsd@milibyte.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 28, 2008 at 11:31:34AM +0100, Mike Clarke wrote: > On Monday 28 April 2008, Anton Shterenlikht wrote: > > > This works fine until Node1 is down, in which case the cluster > > software directs all connections to 10.10.10.1 to Node2. Since > > its key doesn't match what's in known_hosts, the connection is > > refused. > > > > At present I tune the VMS cluster and reboot individual nodes > > frequently. I'd like to be able to tell ssh to ignore key mismatch > > at this stage. > > Just a quick, and untested, thought. Could you use the same key files on > all the nodes in the cluster? It might work unless ssh on the local > machine objects to machines having identical keys in the known_hosts > file. Mike I quite forgot to reply to this. YOu are right, of course. I thought a bit about the whole idea of sharing system files in a VMS cluster and realised that the keys must be identical. All I did was to point each cluster node to the same key file. All is fine now. Yes, known_hosts has 6 identical keys for 6 different ip addresses, and ssh doesn't complain. many thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080627112116.GA11096>