Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

How can I distribute hostkeys for users?

With the combination of sshkey{} and exported resources, I can distribute a hostkey in the server fleet. The results show up in the file /etc/ssh/ssh_known_hosts.

Now I want to install a clustered application, which runs as a specified user, let's call him "appuser".

How can I ensure all required hostkeys for user "appuser", that

  • a script running as "appuser" at hostA
  • can login into hostB => without the question to accept the new hostkey (for user "appuser)?

I remarked, that the fileformat of "/etc/ssh/ssh_known_hosts" and "/home/appuser/.ssh/known_hosts" differs.

Any ideas without lowering the security level of sshd?

How can I distribute hostkeys for users?

With the combination of sshkey{} and exported resources, I can distribute a hostkey in the server fleet. The results show up in the file /etc/ssh/ssh_known_hosts.

Now I want to install a clustered application, which runs as a specified user, let's call him "appuser".appuser.

How can I ensure all required hostkeys for user "appuser", appuser, that

  • a script running as "appuser" appuser at hostA
  • can login into hostB => hostB
  • without the question to accept the new hostkey (for for user "appuser)?appuser?

I remarked, that the fileformat of "/etc/ssh/ssh_known_hosts" /etc/ssh/ssh_known_hosts and "/home/appuser/.ssh/known_hosts" /home/appuser/.ssh/known_hosts differs.

Any ideas without lowering the security level of sshd?

How can I distribute hostkeys for users?

With the combination of sshkey{} and exported resources, I can distribute a hostkey in the server fleet. The results show up in the file /etc/ssh/ssh_known_hosts./etc/ssh/ssh_known_hosts.

Now I want to install a clustered application, which runs as a specified user, let's call him appuser.

How can I ensure all required hostkeys for user appuser, that

  • a script running as appuser at hostA
  • can login into hostB
  • without the question to accept the new hostkey for user appuser?

I remarked, that the fileformat of /etc/ssh/ssh_known_hosts and /home/appuser/.ssh/known_hosts differs.

Any ideas without lowering the security level of sshd?