help-cfengine
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cfengine] Re: cfengine errors

From: Bas van der Vlies
Subject: Re: [Cfengine] Re: cfengine errors
Date: Wed, 6 Nov 2002 08:52:55 +0100 
On Tue, 5 Nov 2002 15:33:47 -0800
Tracy R Reed <treed@ultraviolet.org> wrote:

> On Wed, Nov 06, 2002 at 12:12:06AM +0100, Mark.Burgess@iu.hio.no spake
> thusly:
> > Tracy -- you might need to install a key-pair on a new host. It looks as
> > though the config files are not being copied and that connection to a
> > server is failing due to missing authentication keys.
> >
> > Do a cfagent -p -v to find the version being used.
> 
> We are running cfengine version 2.0.4. 
> 
> > Look in /var/cfengine/inputs for input files. and in /var/cfengine/ppkeys
> > for keys (localhost.pub etc). 
> 
> le tho install script was running I remember seeing cfkey being run. 
> 
> On one of the hosts in question the ppkeys directory contains:
> 
> -rw-------    1 root     root         1743 Sep 11 15:51 localhost.priv
> -rw-------    1 root     root          426 Sep 11 15:51 localhost.pub
> 
> Are these the only keys I need?
> 

If you want to update the config files from a server then this directory also
contains the public key for the server:
        root-a.b.c.d.pub  (a.b.c.d = ip-address)

> inputs contains only:
> 
> -rwxr-xr-x    1 root     root         2055 Sep 12 16:44 update.conf
> 
What is in update.conf? Do you copy the input files for cfagent from a
server. I have the following code in the copy section of my update.conf:
  trustkey=true

This will accept the server public key and place it in /var/cfengine/ppkeys.
        
 
On the server you have to accept the key from the client machine. You
can configure this in cfservd.conf on the server with the keyword:
 TrustKeysFrom

                Hope This Helps


--
********************************************************************
*                                                                  *
*  Bas van der Vlies                     e-mail: basv@sara.nl      *
*  SARA - Academic Computing Services    phone:  +31 20 592 8012   *
*  Kruislaan 415                         fax:    +31 20 6683167    *
*  1098 SJ Amsterdam                                               *
*                                                                  *
********************************************************************
reply via email to
[Prev in Thread] Current Thread [Next in Thread]