[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bootstrapping
From: |
Luke A. Kanies |
Subject: |
Re: Bootstrapping |
Date: |
Mon, 16 Feb 2004 13:12:59 -0600 (CST) |
On Mon, 16 Feb 2004 Mark.Burgess@iu.hio.no wrote:
> I do not know how to bind an outgoing connection to a specific IP
> address. Tell me how it is done and I will help.
Hi Mark,
I pretty cavalierly assumed this was possible, and yet I can't find any
evidence that it is. Most likely even if it is possible it's not portable
or easy.
I don't really know what a good solution is, frankly, which is why I
haven't even looked at trying to submit a patch. The problem of
authenticating a host that can report different names and addresses is not
easy. The only solution I can really think of is to have the same set of
keys on multiple hosts.
It would be nice to be able to explicitly run cfagent in a way that it
knows it's on a terminal, such that it asks you whether you want to trust
an unknown host, similar to what ssh does. There are a couple of ways to
deal with it, but we as a community need to establish a best-practice
method of getting all the keys right, and then modify cfengine if
necessary to better support that method.
Luke
--
I do not feel obliged to believe that the same God who has endowed us
with sense, reason, and intellect has intended us to forgo their use.
-- Galileo Galilei
- Re: Bootstrapping <= LDAP and authority, (continued)
- Re: Bootstrapping <= LDAP and authority, Chip Seraphine, 2004/02/19
- Re: Bootstrapping, Mark . Burgess, 2004/02/19
- Re: Bootstrapping, Luke A. Kanies, 2004/02/19
- Re: Bootstrapping, Nate Campi, 2004/02/19
- Re: Bootstrapping, John Sechrest, 2004/02/19
- Re: Bootstrapping, Nate Campi, 2004/02/19
- Re: Bootstrapping, Russell Adams, 2004/02/19
- Re: Bootstrapping, Jamie Wilkinson, 2004/02/19
- Re: Bootstrapping, Chip Seraphine, 2004/02/20
Re: Bootstrapping, Jamie Wilkinson, 2004/02/19
Re: Bootstrapping,
Luke A. Kanies <=