Hi, i'm just experimenting with cfengine. In my situation i have a central server with fixed ip address and many machines with changing ip addresses (DSL Road Warriors).
My current implementation relies on SSH Key trust where the clients hold the public key of the server and thus allow him to make changes (true this is a push method and you'll say that pulling is better, but hey this is obviously just the reason i'm looking for cfengine as replacement solution ;-)) I've tried to set up a central cfengine server and establish a trust to a client. As long as the client keeps it's ip address all goes well. But this ideal situation only lasts 24 hours until the german isp kills it's connection and assigns a new ip. Using HostnameKeys = ( on ) is also no solution because cfengine uses the dns name via reverse lookup for the host - which obviously is not the name of the client but the dummy name the isp has configured for the RoadWarror IP the client just bought. Is there any way to use the ssh keys one can generate with ssh-keygen instead of the automated approach cfengine tries? Has anyone a solution for my problem? Am i missing some obvious point? Thanks Andrew _______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine
