Am 26.03.2017 um 19:52 schrieb Ivan Gomez: >> Maybe you could instead explain why you believe you need to make your >> users ignore that warning? > > The DNS name is a VIP. There is a load balancer that connects the user > to one of many servers. When the load balancer connects the users to a > new backend server, they see the "scary" SSH warning. I understand > your concern with initially disabling host checking under normal > conditions, but this environment is highly controlled and the network > is isolated.
In that case, the sane approach (IMO) would be to use the load balancer already offered by X2Go - the X2Go Session Broker - which would also bring the advantage that you can resume sessions and that you have one central location where you administer the session configuration - the broker server. Your X2GoClients connect to the broker, authenticate against it, and in return they receive one or more "session tiles" to click on. The broker-side configuration for those is set up in a way so that they'll always end up on the machine with the lowest load, unless they have a suspended session somewhere. If you want to tinker with that approach, you can install your own demo setup (say, in VMware Workstation, VirtualBox or KVM) in just a few steps by following our tutorial here: <http://wiki.x2go.org/doku.php/doc:howto:x2gobroker> The second best approach would be to use your system management tools (if you have such a large farm of servers, I would assume you're using something like ansible/puppet/chef) to deploy the same host key to all your X2Go servers hiding behind that DNS name. -Stefan -- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243
signature.asc
Description: OpenPGP digital signature
_______________________________________________ x2go-user mailing list x2go-user@lists.x2go.org http://lists.x2go.org/listinfo/x2go-user
