MD5 key naming instead of IP's/hostnames

Mon, 27 Jun 2011 09:45:08 -0700 

Hello,

I've got some problems after that key naming change, each of my client
keys are received from a remote location after the server install. So
is it possible to generate its root-md5= remotely ( without any
contact with the machine that should receive that key)?

root@karoly:/var/cfengine/ppkeys# cf-promises -v | grep MD5
cf3>  -> Defined classes = { 10_211_55_18 64_bit Afternoon Day27
GMT_Hr16 Hr13 Hr13_Q3 June Lcycle_1 Min35_40 Min39 Monday
PK_MD5_1107ecac56dc91d30b3b8f22d275eae4 Q3 Yr2011 __21c_42ff_fe60_f033
any cfengine cfengine_3 cfengine_3_1 cfengine_3_1_5 common
community_edition compiled_on_linux_gnu debian debian_6 debian_6_0
debian_6_0__n__l diskfree_high_normal entropy_cfengine_in_low
entropy_cfengine_out_low entropy_dns_in_low entropy_dns_out_low
entropy_ftp_in_low entropy_ftp_out_low entropy_icmp_in_low
entropy_icmp_out_low entropy_irc_in_low entropy_irc_out_low
entropy_misc_in_low entropy_misc_out_low entropy_netbiosdgm_in_low
entropy_netbiosdgm_out_low entropy_netbiosns_in_low
entropy_netbiosns_out_low entropy_netbiosssn_in_low
entropy_netbiosssn_out_low entropy_nfsd_in_low entropy_nfsd_out_low
entropy_smtp_in_low entropy_smtp_out_low entropy_ssh_out_low
entropy_tcpack_in_low entropy_tcpack_out_low entropy_tcpfin_in_low
entropy_tcpfin_out_low entropy_tcpsyn_in_low entropy_tcpsyn_out_low
entropy_udp_in_low entropy_udp_out_low entropy_www_in_low
entropy_www_out_low entropy_wwws_in_low entropy_wwws_out_low
fe80__21c_42ff_fe60_f033 have_aptitude ipv4_10 ipv4_10_211
ipv4_10_211_55 ipv4_10_211_55_18 karoly karoly_ngoma_virt linux
linux_2_6_32_5_amd64 linux_x86_64 linux_x86_64_2_6_32_5_amd64
linux_x86_64_2_6_32_5_amd64__1_SMP_Mon_Mar_7_21_35_22_UTC_2011
net_iface_eth0 ngoma_virt rootprocs_high_normal syslog_low_normal
verbose_mode virt x86_64 }
root@karoly:/var/cfengine/ppkeys# md5sum *
17e24ed7e0bdd47f892eb2ac4d1ac316  localhost.priv
6a9d5f41c88d3ba3ab53963b9b89b5b3  localhost.pub

I should have the key in my cfserver/ppkeys before deploying a new
server in production, and would be really easy do that instead of
control a lot of network sub ranges.
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to