NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: ssh host key bootstrap

On Sep 29, 2011, at 9:09 AM, David Young wrote:
> Has anyone struck on a trustworthy and convenient way to keep
> ssh_known_hosts files synchronized across a bunch of NetBSD / Mac OS X /
> Linux boxes?

Start with ssh-keyscan.

(And maybe end with it, rather than trying to synchronize anywhere else.  If 
you want to rsync/scp /etc/ssh_known_hosts around as root from there, well, 
consider whether this is adding more complexity and root compromise risk than 
you would gain in security by accumulating SSH host keys.)


Home | Main Index | Thread Index | Old Index