Re: ssh to failover target?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Les Mikesell wrote:
I have some machines that send ssh commands to a load balancer appliance that is really a pair of machines that can fail over to each other. The ssh keys are set up on both targets, but whenever the active target is changed, ssh issues a warning about a "man-in-the-middle" attack also goes to the log and the console which tends to alarm the operators. Setting the strict host check to no lets the command complete anyway, but is there a way to get rid of the warning completely?


install the same SERVER private keys (ssh_host_*_key) on both targets. those are different than the public keys that get copied to the client(s).

normally, the server private key gets generated when sshd is installed, and each machine is unique, but since these machines are acting as a cluster that acts as a single server, it makes sense to share keys.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux