[CentOS] ssh to failover target?

John R Pierce pierce at hogranch.com
Sun May 6 03:03:38 UTC 2007


Les Mikesell wrote:
> I have some machines that send ssh commands to a load balancer 
> appliance that is really a pair of machines that can fail over to each 
> other.  The ssh keys are set up on both targets, but whenever the 
> active target is changed, ssh issues a warning about a 
> "man-in-the-middle" attack that also goes to the log and the console, which 
> tends to alarm the operators. Setting the strict host check to no lets 
> the command complete anyway, but is there a way to get rid of the 
> warning completely?
>

Install the same SERVER private keys (ssh_host_*_key) on both targets.
Those are different than the public keys that get copied to the client(s).

Normally, the server private key gets generated when sshd is installed, 
and each machine is unique, but since these machines are acting as a 
cluster that acts as a single server, it makes sense to share keys.
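
A check for the advice in this reply, added here as an example and not part of the original thread: it compares the host key fingerprints each failover node presents, taken from `ssh-keyscan`-style lines (`host keytype base64`), so a node still carrying its own generated key shows up before clients do. The hostnames `lb-a`/`lb-b`, the function names and all key bytes are constructed for the example.

```python
import base64
import hashlib
import struct

def make_blob(*fields: bytes) -> str:
    """Base64 SSH wire-format blob, each field length-prefixed (constructed sample data)."""
    return base64.b64encode(b"".join(struct.pack(">I", len(f)) + f for f in fields)).decode()

def fingerprint(b64_blob: str) -> str:
    """OpenSSH-style SHA256 fingerprint: unpadded base64 of SHA-256 over the raw blob."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_scan(text: str) -> dict:
    """Map key type -> fingerprint from 'host keytype base64' lines."""
    keys = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue  # blank lines and ssh-keyscan banner comments
        key_type, blob = fields[1], fields[2]
        raw = base64.b64decode(blob)
        (n,) = struct.unpack(">I", raw[:4])
        if raw[4:4 + n] != key_type.encode():
            raise ValueError(f"blob does not match declared type {key_type}")
        keys[key_type] = fingerprint(blob)
    return keys

def compare_nodes(scan_a: str, scan_b: str) -> dict:
    """Per key type: 'match', 'MISMATCH', or 'missing' (one node lacks that key)."""
    a, b = parse_scan(scan_a), parse_scan(scan_b)
    report = {}
    for kt in sorted(set(a) | set(b)):
        if kt not in a or kt not in b:
            report[kt] = "missing"
        else:
            report[kt] = "match" if a[kt] == b[kt] else "MISMATCH"
    return report

# Constructed sample data: not real keys; field contents are placeholders.
RSA_A = make_blob(b"ssh-rsa", b"\x01\x00\x01", b"\x00" + bytes(range(1, 129)))
RSA_B = make_blob(b"ssh-rsa", b"\x01\x00\x01", b"\x00" + bytes(range(2, 130)))
DSA_A = make_blob(b"ssh-dss", b"\x11" * 20)
NODE_A = f"lb-a ssh-rsa {RSA_A}\nlb-a ssh-dss {DSA_A}\n"
NODE_B_BEFORE = f"lb-b ssh-rsa {RSA_B}\n"                        # own generated key
NODE_B_AFTER = f"lb-b ssh-rsa {RSA_A}\nlb-b ssh-dss {DSA_A}\n"   # shared keys installed

if __name__ == "__main__":
    print("before:", compare_nodes(NODE_A, NODE_B_BEFORE))
    print("after: ", compare_nodes(NODE_A, NODE_B_AFTER))
```

Any result other than `match` for a key type means clients will still see the changed-host-key warning on failover for that algorithm.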
