Forum: Cfengine Help
Subject: Interactive key trust no permenant
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,18135,18135#msg-18135
# cf-runagent -iIH arcdev01
WARNING - You do not have a public key from host arcdev01 = 10.129.148.11
Do you want to accept one on trust? (yes/no)
--> yes
-> Will trust the key...
...........................................................................
* Hailing arcdev01 : 5308, with options "" (serial)
...........................................................................
-> Trusting server identity, promise to accept key from arcdev01=10.129.148.11
Now again non-interactive
# cf-runagent -IH arcdev01
...........................................................................
* Hailing arcdev01 : 5308, with options "" (serial)
...........................................................................
Challenge response from server arcdev01/10.129.148.11 was incorrect!
I: Report relates to a promise with handle ""
I: Promise is made internally by cfengine
!! Authentication dialogue with arcdev01 failed
I would expect that the key trust could be a one time question much like SSH's
host key trust. Am I mistaken?
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
