[GE users] SSH and host keys

prentice prentice at ias.edu
Mon Feb 9 21:26:54 GMT 2009


opoplawski wrote:
> Anyone know how to avoid the following:
> 
> $ qrsh -l idllic=1
> The authenticity of host '[apollo.cora.nwra.com]:42115 
> ([192.168.0.118]:42115)' can't be established.
> RSA key fingerprint is be:14:c6:b3:7e:23:48:57:71:c2:02:75:74:7e:f4:ec.
> Are you sure you want to continue connecting (yes/no)?
> 
> every time qrsh is run and the massive population of host keys it causes?
> 

Use ssh-keyscan to pre-populate the key database on each system:

ssh-keyscan -t rsa,dsa -f /tmp/ssh_hosts | sort -n >
/etc/ssh/ssh_known_hosts

rm /tmp/ssh_hosts

There's a man page for ssh-keyscan that can give you the full details. I
wrote a script to automate this on my cluster so that when I re-install
a new node, I don't need to worry about preserving the node's ssh keys -
I just update /etc/ssh/ssh_known_hosts by running the script after the
install.

-- 
Prentice

------------------------------------------------------
http://gridengine.sunsource.net/ds/viewMessage.do?dsForumId=38&dsMessageId=103012

To unsubscribe from this discussion, e-mail: [users-unsubscribe at gridengine.sunsource.net].



More information about the gridengine-users mailing list