Re: Question on SSH configuration in a cluster environment.

From: Doug O'Leary (dkoleary_at_olearycomputers.com)
Date: 01/20/04


Date: Tue, 20 Jan 2004 17:24:59 GMT

In article <m2isja1jp3.fsf@darwin.oankali.net>, Richard E Silverman wrote:
>
> Because now it is impossible for SSH to tell the difference between these
> hosts in *any* situation, not just when users are connecting to the
> clustered service. In other words, when someone does "ssh cluster," they
> simply want to be assured that they are logging into one of the cluster
> machines -- which the solution given here allows:
>
> http://groups.google.com/groups?&threadm=m1l1ylwuijr.fsf%40sys1.des.jhy.us.ml.com
>
> However, if a sysadmin does "ssh cluster-member-1", he wants to be assured
> he's actually logging into that box. Giving them all the same key defeats
> that ability; if one box is compromised, they can all be spoofed.

That's a pretty elegant solution; I like that. I may very well have
an opportunity to implement that soon. Thanks.

Doug

-- 
--------
Senior UNIX Admin
O'Leary Computer Enterprises
dkoleary@olearycomputers.com (w) 630-904-6098 (c) 630-248-2749
resume:  http://home.comcast.net/~dkoleary/resume.html
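
The quoted point about shared host keys, as an added example that is not part of the original posts: it reads known_hosts text and reports which other names could be answered for with one member's host keys. The key blobs are constructed placeholders, and the per-member layout (the service name listing each member's own key) is an assumed illustration, since the linked post is not reproduced on this page.

```python
from collections import defaultdict

# Constructed known_hosts samples; key blobs are placeholders, not real keys.
SHARED_KEY = """\
# every member presents the same host key
cluster,cluster-member-1,cluster-member-2 ssh-rsa AAAAconstructedSHARED
"""
PER_MEMBER_KEYS = """\
# assumed layout: the service name lists each member's own key
cluster,cluster-member-1 ssh-rsa AAAAconstructedKEY1
cluster,cluster-member-2 ssh-rsa AAAAconstructedKEY2
"""

def accepted_keys(known_hosts_text):
    """Map each host name to the set of (keytype, blob) a client accepts for it."""
    accepted = defaultdict(set)
    for line in known_hosts_text.splitlines():
        line = line.strip()
        # Skip blanks, comments and marker lines (@cert-authority, @revoked).
        if not line or line.startswith(("#", "@")):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue  # malformed entry
        names, keytype, blob = fields[0], fields[1], fields[2]
        for name in names.split(","):
            # Negated patterns ("!host") exclude a name; they bind no key to it.
            if not name.startswith("!"):
                accepted[name].add((keytype, blob))
    return dict(accepted)

def spoofable_from(known_hosts_text, compromised):
    """Names that could be answered for by whoever holds `compromised`'s host keys."""
    accepted = accepted_keys(known_hosts_text)
    stolen = accepted.get(compromised, set())
    return {name for name, keys in accepted.items()
            if name != compromised and keys & stolen}

if __name__ == "__main__":
    for label, text in (("shared key", SHARED_KEY),
                        ("per-member keys", PER_MEMBER_KEYS)):
        print(label, "->", sorted(spoofable_from(text, "cluster-member-1")))
```

Wildcard host patterns and hashed host names are compared as literal strings here, so run it against an unhashed known_hosts file with explicit names.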

