[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Disaster Recovery.

From: Luke A. Kanies
Subject: Re: Disaster Recovery.
Date: Thu, 20 May 2004 14:03:43 -0500 (CDT)

On Thu, 20 May 2004, Michael Little wrote:


One question... How are you dealing with authentication keys?

I suppose you could just insure that keys have been pushed from both the policy host and the backup policy host, or trust keys from the policy host(s). I am just curious as to how you have addressed this.

I store all of my cfengine (and ssh) keys in LDAP and have a simple script to pull the keys down and store them appropriately. This allows me to very easily equip each host on my network with every other host's key (and allows me to build a global ssh_known_hosts file).

That solves more than just the disaster recovery problem, because it allows you to easily serve files from any host to any other host.

"The major difference between a thing that might go wrong and a thing
that cannot possibly go wrong is that when a thing that cannot possibly
goes wrong goes wrong it usually turns out to be impossible to get at
or repair."                           -- Douglas Adams, Mostly Harmless
Luke Kanies | |

reply via email to

[Prev in Thread] Current Thread [Next in Thread]