where is the best moment to populate the keys

[Eric Doutreleau]

Hi

I'm trying to set up cfengine 2.0.2 on my network of redhat 7.x machine
and i have a little problem.

I have one "master" server which have all the files and which run the
cfservd whose name is crotale

I distribute the public key of the server to the client through the
installation of a rpm package which contain the public key of the server.

To secure the transfer i have to transfer the public key of the client to 
the server.

in interactive mode i use an scp command and it works well.
scp -v /var/cfengine/ppkeys/localhost.pub 
crotale:/var/cfengine/ppkeys/root-$ip.pub
It prompts for the crotale root password and transfer the file

I would like to do that during the first boot sequence.
I add the following file cfinit in the /etc/init.d/ directory 

#!/bin/bash -i
#
# cfengine        starts cfd
#
# chkconfig: - 99 99
# description: initialisation de cfengine

# Source function library.

. /etc/rc.d/init.d/functions

case "$1" in
  start)


/var/cfengine/sbin/cfkey
server="crotale"
host=`hostname`
ip=`host -t a $host | awk '{ print $4 }'`
scp /var/cfengine/ppkeys/localhost.pub 
crotale:/var/cfengine/ppkeys/root-$ip.pub
/sbin/chkconfig --level 345 cfinit off
;;

esac

exit 0


The file is executed but i never got the prompt for the root crotale 
password and the transfer failed.

does someone know how to have an elegant way to do the transfer without 
the need to log on client after the installation?

Thanks in advance for any help


 
-- 
Eric Doutreleau
I.N.T                   | Tel   : +33 (0) 160764687
9 rue Charles Fourier   | Fax   : +33 (0) 160764321
91011 Evry   France     | email : Eric.Doutreleau@int-evry.fr