[Freeipa-devel] [PATCH] 077 Skip know_host check for ipa-replica-conncheck
Rob Crittenden
rcritten at redhat.com
Wed Jun 8 15:32:20 UTC 2011
Simo Sorce wrote:
> On Wed, 2011-06-08 at 14:35 +0200, Martin Kosek wrote:
>> When IPA replica is installed and the master machine record is not
>> in ~/.ssh/known_hosts, ipa-replica-install will prompt user to answer
>> a question about adding a host to this file.
>>
>> This has, however, a potential to break automatic tests.
>> ipa-replica-conncheck should not require any further user interaction
>> when all mandatory options are filled.
>>
>> https://fedorahosted.org/freeipa/ticket/1305
>
> Instead of suppressing host check would it be possible to provide a
> properly formatted known_hosts entry that actually matches the master
> ssh host key ?
>
> Simo.
>
We decided that the Kerberos host key provides sufficient identity. A
new ticket was opened to more gracefully handle the known_hosts entry.
ack, pushed to master
rob
More information about the Freeipa-devel
mailing list