Max, Cfengine version 3.1.0 is changing to a different key system based on a hash of the public key. This is specifically to better support mobile/dhcp hosts.
There is already support for dhcp is existing cfengine, but it will be simpler in future. M Max Arnold wrote: > Hello folks! > > Right now I'm evaluating different configuration management systems and > Cfengine 3 seems to be self contained and light on resources. But there is > one thing which can be showstopper for me: client machines without fixed > IP/DNS addresses. > > I skimmed briefly trough documentation and it seems that server stores > client's public key using IP address (or reverse DNS name?) in its filename. > Now if my client machines are hidden behind NAT or connected via random > wireless links, how authentication is supposed to work? I'm OK with manual > key exchange procedure, but I can not neither control nor predict IP/DNS > address which will be assigned to client machine when it connects to Cfengine > server. > > Can someone please clarify this? > > Thanks, Max > _______________________________________________ > Help-cfengine mailing list > Help-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/help-cfengine -- Mark Burgess ------------------------------------------------- Professor of Network and System Administration Oslo University College, Norway Personal Web: http://www.iu.hio.no/~mark Office Telf : +47 22453272 ------------------------------------------------- _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
