The option was implemented a while ago, but was missing in the man page of gnt-cluster renew-crypto so far.
Signed-off-by: Helga Velroyen <[email protected]> --- man/gnt-cluster.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/man/gnt-cluster.rst b/man/gnt-cluster.rst index dec446a..416afda 100644 --- a/man/gnt-cluster.rst +++ b/man/gnt-cluster.rst @@ -855,7 +855,7 @@ RENEW-CRYPTO | [\--new-rapi-certificate] [\--rapi-certificate *rapi-cert*] | [\--new-spice-certificate | \--spice-certificate *spice-cert* | \--spice-ca-certificate *spice-ca-cert*] -| [\--new-ssh-keys] +| [\--new-ssh-keys] [\--no-ssh-key-check] | [\--new-cluster-domain-secret] [\--cluster-domain-secret *filename*] This command will stop all Ganeti daemons in the cluster and start @@ -888,7 +888,9 @@ signing CA certificate to ``--spice-ca-certificate``. The option ``--new-ssh-keys`` renews all SSH keys of all nodes and updates the ``authorized_keys`` files of all nodes to contain -only the (new) public keys of all master candidates. +only the (new) public keys of all master candidates. To avoid having +to confirm the fingerprint of each node use the +``--no-ssh-key-check`` option. Finally ``--new-cluster-domain-secret`` generates a new, random cluster domain secret, and ``--cluster-domain-secret`` reads the -- 2.4.3.573.g4eafbef
