>>>>> Chris writes:
> I got a test setup on two different machines- RA server and CA
> Server. When I'm trying to synchronize them via scp (CA Enroll all
> to lower., as in user docs), the .tar file is being generated, but
> I get the following error:
> /usr/bin/scp -i /var/www/.ssh/id_rsa
> /usr/local/openca/openca/var/tmp/openca.tar
> [EMAIL PROTECTED]:/usr/local/OpenCA/var/tmp/
> Export failed!
> 256
> Host key verification failed.
> lost connection
That's because the ssh host key -- which is used to check the identity
of 192.168.25.131 -- is only known at your personal account, but
neither for the Web server's account nor system wide.
I recommend to make it known system wide:
-- As the user where the scp succeeds, execute
grep '192.168.25.131' ~/.ssh/known_hosts >/tmp/ra.pub
-- As root, execute
cat /tmp/ra.pub >>/etc/ssh/ssh_known_hosts
(This is on Linux, on other Unix system, this file might be named
/etc/ssh_known_hosts. But /var/www smells like Linux. :-)
As an aside, do NOT chmod 777 /var/www/.ssh; this causes a severe
security problem. Keep it on 755 or on 700.
I assume that you know how to place private and public keys at wwwrun
and [EMAIL PROTECTED] If not, come back to this list and ask.
Hope this helps,
Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: [EMAIL PROTECTED]
Roedermark, Germany
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
