Pletan, Ray wrote: > We are implementing cfengine for post server build configuration. I > would like to turn OFF the use of keys and encryption to do this.
Why would you want to do that? Are you trying to avoid the key distribution problem? If so, and you don't care about authenticating your clients, you can use a combination of the TrustKey, TrustKeysFrom, and DynamicAddresses control variables to almost get around having to use keys. http://www.cfengine.org/docs/cfengine-Reference.html#TrustKeysFrom http://www.cfengine.org/docs/cfengine-Reference.html#DynamicAddresses As far as I know, there is no way to disable the need for client keys. Even if you run cfagent unpriviliged and with no network copies, it will still complain and exit if you do not first generate keys with cfkey. I would recommend just building that step into your bootstrap procedure and using whatever level of key trust is appropriate to your environment. Best, Brendan -- Senior System Administrator The University of Chicago Department of Computer Science http://www.cs.uchicago.edu/people/brendan http://praksys.blogspot.com/ _______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine
