Re: ssh host key bootstrap

To: David Young <dyoung%pobox.com@localhost>
Subject: Re: ssh host key bootstrap
From: Chuck Swiger <cswiger%mac.com@localhost>
Date: Thu, 29 Sep 2011 10:55:37 -0700

On Sep 29, 2011, at 9:09 AM, David Young wrote:
> Has anyone struck on a trustworthy and convenient way to keep
> ssh_known_hosts files synchronized across a bunch of NetBSD / Mac OS X /
> Linux boxes?

Start with ssh-keyscan.

(And maybe end with it, rather than trying to synchronize anywhere else.  If 
you want to rsync/scp /etc/ssh_known_hosts around as root from there, well, 
consider whether this is adding more complexity and root compromise risk than 
you would gain in security by accumulating SSH host keys.)

Regards,
-- 
-Chuck

References:
- ssh host key bootstrap
  - From: David Young

Prev by Date: Re: current - stropts.h header
Next by Date: java error
Previous by Thread: ssh host key bootstrap
Next by Thread: Re: ssh host key bootstrap
Indexes:

Home | Main Index | Thread Index | Old Index