Hello, I have a kind of problem: I need to connect to a virtual host (a f "floating" IP address) that is one of two physical hosts in a HA environment. Yesterday the virtual IP address was moved to another host. Today ssh refuses to connect, because the host key is different. Reading the documentation I found that there is no command line option (documented) to temporarily bypass "StrictHostKeyChecking", and it seems to be impossible to specify multiple alternative hostkeys for a virtual host in "knows_hosts" (it would make sense however IMHO). Using the same host keys for both machines is not what I would like to do (assuming it would help), and I don't want to disable "StrictHostKeyChecking" globally. So what's the (or a good) solution? Regards, Ulrich P.S. openssh-3.5p1
Ulrich Windl wrote:> I have a kind of problem: I need to connect to a virtual host (a f "floating" > IP address) that is one of two physical hosts in a HA environment. Yesterday > the virtual IP address was moved to another host. > > Today ssh refuses to connect, because the host key is different. Reading the > documentation I found that there is no command line option (documented) to > temporarily bypass "StrictHostKeyChecking", and it seems to be impossible to > specify multiple alternative hostkeys for a virtual host in "knows_hosts" (it > would make sense however IMHO).ssh -o StrictHostKeyChecking=no clusterhost ?> Using the same host keys for both machines is not what I would like to do > (assuming it would help), and I don't want to disable "StrictHostKeyChecking" > globally.In ssh_config or $HOME/.ssh/config: Host clusterhost StrictHostKeyChecking no> So what's the (or a good) solution?Generate a set of keys for each node, plus a set for each floating address. Have each node run its own sshd listening on its main IP address with its "node" keys, and the machine with the production address run another sshd on it with the "floating" keys. Note that this means you have to migrate the production sshd along with the rest of your production services. I'd probably just use the same keys for all the machines in the cluster. The keys are to prevent a MITM attack, and since all of the machines in the cluster are presumably under the same administrative control, I don't think separate keys buy you much. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
On Thu, 11 Sep 2003, Ulrich Windl wrote: [...]> Today ssh refuses to connect, because the host key is different. Reading the > documentation I found that there is no command line option (documented) toHave you tried -o "StrictHostKeyChecking ask" ? (or no instead of ask, if you prefer) Actually -o option have been documented since quite a long time ago.> temporarily bypass "StrictHostKeyChecking", and it seems to be impossible to > specify multiple alternative hostkeys for a virtual host in "knows_hosts" (it > would make sense however IMHO). > > Using the same host keys for both machines is not what I would like to do > (assuming it would help), and I don't want to disable "StrictHostKeyChecking" > globally. > > So what's the (or a good) solution? > > Regards, > Ulrich > P.S. openssh-3.5p1Best regards, Wojtek
Apparently Analagous Threads
- prompt to update a host key
- ECDSA and first connection; bug?
- [Bug 2400] New: StrictHostKeyChecking=no behaviour on HOST_CHANGED is excessively insecure
- OpenSSH 3.5p1 (HP version): permissions of public identity
- [Bug 3176] New: can't figure out how to test StrictHostKeyChecking accept-new