cfkeys not being accepted - Domain name not understood.

[Morgan Ives]

Help,

     I am trying to "push" cfagent executions on my clients
     via cfrun from my server using cfservd connections.

The sequence:

SETUP
      1) Ran cfkey on server and client.  Keys created in
            /var/cfengine/ppkeys on both server and client.

      2) Started cfservd on client with
               control:
                     domain = ( <DNS-domain> )
                     cfrunCommand = (  " <cfagent command> " )

       3) Started cfserd on server with
                  control:
                         domain = ( <DNS-domain> )
                         TrustKeysFrom = ( <ip of client> )

      4) Ran "limited" cfagent on client with
           copy :  with server=<server> and trustkey=true
           to force generation of  client:/var/cfengine/ppkeys/root-<server-ip>.pub

TEST RUN
      1) Ran cfrun-v  on server.  Accepted key from client.
                cfrun fails with following message:

     <client>  replies..
 Host authentication failed. Did you forget the domain name?
   Connection with <client> completed

DEBUG

      1) Examined cksums for /var/cfengine/ppkeys/<files>
            on both systems.  Each has other's key correctly.

       2) domain listed in cfagent.conf and cfservd.conf as
                         domain = (< DNS-domain> )

       3) domain listed in  cfrun.hosts as
                        domain = <DNS-domain>
            ( No parens seems to be correct syntax for cfrun.hosts file.)
 
 

Any clues would be helpful.
                        Morgan