Hmm, so using a hosts file as my test (copying to /tmp, non-
destructively) was a hint I didn't realize I was giving myself ;-)
Thanks for this.
On Feb 15, 2006, at 12:50 AM, Marco van Beek wrote:
I would just like to add that almost all our our authentication
problems have been caused by some form of lookup problem. This is
what I now do:
1) Check both /etc/hosts files - make sure localhost/localdomain is
only on the line for 127.0.0.1, and not the public/private IP
address (which should have the full name & short alias).
2) Run /bin/hostname and make sure it gives you the full name. I
also tend to run "hostname -d" to check the domain name, hostname -
f to double check the FQDN, and hostname -s to check the shortname.
I do this to double check as I think (and I never got to the
bottom) that hostname on it's own was checking the hosts file, and
hostname with an argument checked the hostname file.
3) Check both forward & reverse dns at BOTH ends. (I don't think
reverse DNS matters too much to CFEngine but is a good indicator of
a bad DNS setup somewhere). You should get the same results.
All the other authentication problems have either been badly
configured cfservd conf files, or a bad key (fogetting to press the
insert key in vi before pasting the key in is my favourite!).
--
Paul Beard
contact info: www.paulbeard.org/paulbeard.vcf
Are you trying to win an argument or solve a problem?
_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://lists.gnu.org/mailman/listinfo/help-cfengine
