On 12/6/2012 12:10 AM, Alkis Georgopoulos wrote:
The ssh server keys are omitted from the image by default because it's a
security risk.
To keep them, remove the respective line from ltsp-update-image.excludes:
$ grep ssh /etc/ltsp/ltsp-update-image.excludes
etc/ssh/ssh_host_*_key
Thanks, Alkis, that was the key bit of info. (Thanks also to Vagrant C
for pondering the question.) I hadn't thought about the excludes file.
That got me past the initial error.
After that, when trying to log in under one or another of the user
accounts, I was getting "Permission denied" errors. But then the light
dawned for me: Since "ltsp-update-image --cleanup" removes the
(user-created) user accounts, and since I am trying to log into the
local client session, there are no user accounts there. So even with the
keys preserved, logging in as root is the only option.
But needless to say (except for newbies like me, who will be surprised),
if one successfully logs in as root, the local client keys will be
entered in the ssh known_hosts file. If one then updates the image
again, new client keys will be created, and when one tries to log in to
the client again as root, there will be a key mismatch and ssh will
issue a stiff warning about a man-in-the-middle attack. The existing
keys for that client address must first be removed with "ssh-keygen -R"
before one can log in again as root.
------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
