On Mon, Oct 27, 2008 at 2:53 PM, Kyle McDonald <KMcDonald at egenera.com> wrote:
> Hi all,
>
> I'm trying to automate setup of SSH keys during Jumpstart installations,
> and I'd like some advice from anyone out there who's dealt with this
> already.
>
>
> I'm trying to make the farm of machines my users use as easy to use as
> possible. My users really would rather not deal with keys, known_hosts,
> etc. Right now they still prefer rsh, so I'm trying to set up something
> that will replace it as invisibly as possible.
>
> Unfortunately the machines in the farm get re-installed quite often.
> After reading through the docs, I've decided that if I want to protect
> the users from needing to answer 'yes' to adding a host to their personal
> known hosts (or worse manually removing an old key from it first) then I
> really need to keep an up to date system wide known_hosts file.
>
> That brings me here. The two ideas I've had for this, both seem to have
> advantages and disadvantages, and both seem to have their own security
> risks. So I'm curious if anyone thinks one of these is better than the
> other, or if anyone has any other ideas.
>
> Idea 1:
>
> Pre-generate the host keys, or record the current ones from the hosts,
> and have Jumpstart restore them during installation.

Yup. I save the keys (and for zones too) and restore them on reinstallation.

> Other than some secure transfer mechanism that I haven't thought of yet,
> this obviously has the issues of the JumpStart NFS directory being
> shared 'ro,anon=0', and even files readable only by root can be read by
> anyone, thereby destroying the secrecy of the private keys.

Have your finish script nfs mount a different directory that has a different
security policy. And have the files owned by a special user, su to that user
to read the files.

-- 
-Peter Tribble
http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
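
The approach described in the reply above, written out as a Jumpstart finish script. This is an added example, not code from the thread or from either poster; the NFS export name, the `keyfetch` user and the one-directory-per-hostname layout are assumptions, and the syntax is kept Bourne-compatible.

```sh
#!/bin/sh
# Added example, not from the thread. KEYSRV, KEYUSER and the layout (one
# listable directory per hostname, key files mode 0400) are assumptions.
KEYSRV=${KEYSRV-keysrv:/export/hostkeys}   # hypothetical export, not anon=0
KEYUSER=${KEYUSER-keyfetch}                # hypothetical owner of saved keys
MNT=${MNT-/tmp/hostkeys.$$}

# Print one saved file, reading as KEYUSER when set (root is remapped to
# an unprivileged user on this share, so root alone cannot read the keys).
read_saved() {
    if [ -n "$KEYUSER" ]; then su "$KEYUSER" -c "cat '$1'"; else cat "$1"; fi
}

# restore_host_keys SRC DEST: copy each ssh_host_*_key pair from SRC to DEST.
# Returns non-zero when no complete pair was restored, so the caller can
# let sshd generate fresh keys instead.
restore_host_keys() {
    src=$1; dest=$2; count=0
    old_umask=`umask`; umask 077           # staged files are never world-readable
    for pub in "$src"/ssh_host_*_key.pub; do
        [ -f "$pub" ] || continue
        name=`basename "$pub" .pub`
        # Stage then rename, so a failed read never leaves half a key pair.
        if read_saved "$src/$name" > "$dest/$name.new" &&
           read_saved "$pub" > "$dest/$name.pub.new" &&
           [ -s "$dest/$name.new" ] && [ -s "$dest/$name.pub.new" ]; then
            chmod 600 "$dest/$name.new"; chmod 644 "$dest/$name.pub.new"
            mv "$dest/$name.new" "$dest/$name"
            mv "$dest/$name.pub.new" "$dest/$name.pub"
            count=`expr $count + 1`
        else
            rm -f "$dest/$name.new" "$dest/$name.pub.new"
        fi
    done
    umask "$old_umask"
    [ "$count" -gt 0 ]
}

# Finish-script entry point; Jumpstart mounts the new system under /a.
finish_main() {
    mkdir -p "$MNT" && mount -F nfs -o ro "$KEYSRV" "$MNT" || return 1
    restore_host_keys "$MNT/`uname -n`" /a/etc/ssh; rc=$?
    umount "$MNT"; rmdir "$MNT"
    return $rc
}
# In the finish script itself, end with a call to: finish_main
```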