Re: Disabling host key checking on LAN

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 30 August 2015 at 18:53, Nico Kadel-Garcia <nkadel@xxxxxxxxx> wrote:
>
> On Sun, Aug 30, 2015 at 6:57 AM, Bostjan Skufca <bostjan@xxxxxx> wrote:
> > those were my thoughts, exacly, except that I was thinking about using "dig
> > +short HOST | ..." which has the cleanest output of all.
>
> It can get a bit confusing with
> round-robin DNS, which can give multiple responses.


Care to illustrate your use case?

I am having difficulties imagining it:
1. If you are managing particular host, you connect to its IP directly
(possibly via DNS entry).
2. If that DNS entry represents a service that has a load-balanced IP
list, you should not be connecting to arbitrary host in that list, but
use dedicated IP of particular server in that list, or am I missing
something here?

Additional point:
If your environment gets complicated enough, it probably justifies
usage of ProxyCommand directive with reference to dedicated
script/program that does the necessary plumbing (technical and
policy-wise) to set up your connection.

b.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux