Re: ssh host key bootstrap

On 29.09.2011 18:09, David Young wrote:
> How do people manage growing numbers of SSH host keys?
>
> After I have installed a new machine, ideally I would distribute its
> SSH public host key to all of my SSH client hosts, and load all of my
> SSH server public hosts' keys on the new machine.  In actual practice,
> I usually verify host keys the first time I log in to/from the new
> machine.  That's really tedious.
>
> Has anyone struck on a trustworthy and convenient way to keep
> ssh_known_hosts files synchronized across a bunch of NetBSD / Mac OS X /
> Linux boxes?

Not for sync, but latest OpenSSH can use CAs. So that might simplify the situation quite a bit if you have lots of hosts.

Jean-Yves Migeon
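
An added example, not part of either message: the host-CA approach the reply mentions, using standard ssh-keygen options. The file paths, the example.org names and the key ID format are assumptions for illustration.

```shell
#!/bin/sh
# Added example: OpenSSH host certificates. Paths, names and key IDs are
# assumptions, not values from the thread.

# Create the CA key pair once, on a trusted machine. The private half signs
# host keys and never leaves that machine (give it a passphrase in real use).
make_ca() {  # $1 = CA private key path
    ssh-keygen -q -t ed25519 -N '' -C 'host-ca (example)' -f "$1"
}

# Sign a host's public key. -h makes a host (not user) certificate, -n lists
# the names clients will connect to, -V bounds the certificate lifetime.
# Writes <host key>-cert.pub next to the public key.
sign_host() {  # $1 = CA key, $2 = host public key, $3 = comma-separated names
    ssh-keygen -q -s "$1" -I "host:${3%%,*}" -h -n "$3" -V +52w "$2"
}

# The one line each client needs in ssh_known_hosts: trust any host matching
# the pattern that presents a certificate signed by this CA.
known_hosts_line() {  # $1 = CA public key, $2 = host pattern
    printf '@cert-authority %s %s\n' "$2" "$(cut -d' ' -f1,2 "$1")"
}

# Check that a file is a host certificate issued by the expected CA.
signed_by() {  # $1 = certificate, $2 = CA public key
    ca_fp=$(ssh-keygen -l -f "$2" | awk '{print $2}')
    ssh-keygen -L -f "$1" | grep -q 'host certificate' || return 1
    ssh-keygen -L -f "$1" | awk '/Signing CA:/ {print $4}' | grep -qxF "$ca_fp"
}

# Server side: copy the -cert.pub file back to the host and add to sshd_config
#   HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub

# Run with "demo" as the first argument to walk through the steps in a temp dir.
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d)
    make_ca "$d/host_ca"
    # Constructed key standing in for a newly installed machine's host key.
    ssh-keygen -q -t ed25519 -N '' -f "$d/ssh_host_ed25519_key"
    sign_host "$d/host_ca" "$d/ssh_host_ed25519_key.pub" new.example.org
    known_hosts_line "$d/host_ca.pub" '*.example.org'
    signed_by "$d/ssh_host_ed25519_key-cert.pub" "$d/host_ca.pub" && echo "certificate OK"
fi
```

With this in place a new machine needs only its own key signed; clients carry the single `@cert-authority` line instead of one entry per host.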

