I'm trying to determine how the hostkeys end up on a provisioned node
(stateful). It appears that the keys live in
/etc/xcat/hostkeys.
The man page for updatenode indicates that it can manage hostkeys for the nodes
with the -k option.
However, the "remoteshell" postscript also appears to manage hostkeys.
It will use the getcredentials.awk script to pull hostkeys from the management
node and install them in /etc/ssh.
The Perl module /opt/xcat/lib/perl/xCAT_plugin/credentials.pm will handle the
requests and respond by reading from
/etc/xcat/hostkeys.
The question is, when a node is provisioned, and assuming that 'remoteshell' is
in the postscript list, which of these two scripts
is used to set the hostkeys?
Do all the relevant host keys live in /etc/xcat/hostkeys?
Additionally, it appears that there are copies of the public host keys in
/xcat/postscripts/hostkeys (or
/install/postscripts/hostkeys), however they don't appear to be used by
anything in xCAT (i.e. distributed to the provisioned
nodes). Can someone confirm and/or comment on why they are in this place to
begin with?
This is xCAT 2.7.5 on RHEL 6.4
Thanks!
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
xCAT-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/xcat-user
