[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Administering a thousand hosts
From: |
Mark Burgess |
Subject: |
Re: Administering a thousand hosts |
Date: |
Thu, 18 Nov 2004 15:36:27 +0100 |
User-agent: |
Mutt/1.4.2i |
You should read carefully the documentation of copy on the webite.
Using ssh to distirbute keys offers no improvement to security.
M
On Wed, Nov 17, 2004 at 09:52:02AM +1100, Tim Nelson wrote:
> On Tue, 16 Nov 2004, Dar?o Mariani wrote:
>
> >Thanks for the answer.
> >How did you handle the distribution of cfengine public keys? When I
> >run cfrun there is a key interchange that it asks me to accept.
>
> There are a variety of ways of doing this. I personally have a
> script that:
> 1. Sets cfservd to trust that IP irrespective of key
> 2. Uses ssh to trigger the first cfengine run (which will do the key
> exchange)
> 3. Sets cfservd to not trust the IP
>
> I hope this answers the question.
>
> Incidentally, cfengine works in something you could call
> master/slave config, so if you grow, you can do that kind of thing too.
>
> :)
>
> --
> Tim Nelson
> Server Administrator
> WebAlive Technologies Global
> Level 1 Innovation Building, Digital Harbour
> 1010 LaTrobe Street
> Docklands, Melbourne,
> Vic, 3008
> Phone: +61 3 9934 0812
> Fax: +61 3 9934 0899
> E-mail: tim.nelson@webalive.biz
> http://www.webalive.biz/
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://lists.gnu.org/mailman/listinfo/help-cfengine
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272 Email: Mark.Burgess@iu.hio.no
Fax : +47 22453205 WWW : http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~