[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: where is the best moment to populate the keys
From: |
Mark . Burgess |
Subject: |
Re: where is the best moment to populate the keys |
Date: |
Tue, 28 May 2002 19:00:25 +0200 (MET DST) |
Why don't you simply let cfengine distribute the keys?
Mark
On 28 May, Eric Doutreleau wrote:
>
> Hi
>
> I'm trying to set up cfengine 2.0.2 on my network of redhat 7.x machine
> and i have a little problem.
>
> I have one "master" server which have all the files and which run the
> cfservd whose name is crotale
>
> I distribute the public key of the server to the client through the
> installation of a rpm package which contain the public key of the server.
>
> To secure the transfer i have to transfer the public key of the client to
> the server.
>
> in interactive mode i use an scp command and it works well.
> scp -v /var/cfengine/ppkeys/localhost.pub
> crotale:/var/cfengine/ppkeys/root-$ip.pub
> It prompts for the crotale root password and transfer the file
>
> I would like to do that during the first boot sequence.
> I add the following file cfinit in the /etc/init.d/ directory
>
> #!/bin/bash -i
> #
> # cfengine starts cfd
> #
> # chkconfig: - 99 99
> # description: initialisation de cfengine
>
> # Source function library.
>
> . /etc/rc.d/init.d/functions
>
> case "$1" in
> start)
>
>
> /var/cfengine/sbin/cfkey
> server="crotale"
> host=`hostname`
> ip=`host -t a $host | awk '{ print $4 }'`
> scp /var/cfengine/ppkeys/localhost.pub
> crotale:/var/cfengine/ppkeys/root-$ip.pub
> /sbin/chkconfig --level 345 cfinit off
> ;;
>
> esac
>
> exit 0
>
>
> The file is executed but i never got the prompt for the root crotale
> password and the transfer failed.
>
> does someone know how to have an elegant way to do the transfer without
> the need to log on client after the installation?
>
> Thanks in advance for any help
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Work: +47 22453272 Email: Mark.Burgess@iu.hio.no
Fax : +47 22453205 WWW : http://www.iu.hio.no/~mark
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~