[GE users] SSH and host keys

prentice prentice at ias.edu
Mon Feb 9 21:29:29 GMT 2009


prentice wrote:
> opoplawski wrote:
>> Anyone know how to avoid the following:
>>
>> $ qrsh -l idllic=1
>> The authenticity of host '[apollo.cora.nwra.com]:42115 
>> ([192.168.0.118]:42115)' can't be established.
>> RSA key fingerprint is be:14:c6:b3:7e:23:48:57:71:c2:02:75:74:7e:f4:ec.
>> Are you sure you want to continue connecting (yes/no)?
>>
>> every time qrsh is run and the massive population of host keys it causes?
>>
> 
> Use ssh-keyscan to pre-populate the key database on each system:
> 
> ssh-keyscan -t rsa,dsa -f /tmp/ssh_hosts | sort -n >
> /etc/ssh/ssh_known_hosts
> 
> rm /tmp/ssh_hosts
> 
> There's a man page for ssh-keyscan that can give you the full details. I
> wrote a script to automate this on my cluster so that when I re-install
> a new node, I don't need to worry about preserving the node's ssh keys -
> I just update /etc/ssh/ssh_known_hosts by running the script after the
> install.
> 

This should be obvious but, I'll mention it anyway: /tmp/ssh_hosts is a
file you create yourself in advance containing the names of the hosts
you want in your known_hosts file.

-- 
Prentice

------------------------------------------------------
http://gridengine.sunsource.net/ds/viewMessage.do?dsForumId=38&dsMessageId=103013

To unsubscribe from this discussion, e-mail: [users-unsubscribe at gridengine.sunsource.net].



More information about the gridengine-users mailing list