New ssh in Woody an fai

Geert Stappers Geert.Stappers at
Tue Oct 16 23:02:44 CEST 2001

At 16:55 +0200 10/16/01, Thomas Lange wrote something like:
>> the new woody is using ssh2 as default.
>> So after the system is installed the client can´t copy the logfiles
>I will fix that for the FAI version for woody.

Using ssh2 in stead of ssh or as supplement on ssh wouldn't solve

>>because it needs the authorized_keys2, known_hosts2, ...

On my fai-potato-systems the installing client sayed:
"The authenticity of host 'mir.stappers.breda' can't be established.
Key fingerprint is 1024 67:c8:59:snip:snip:4e:97:a5.
Are you sure you want to continue connecting (yes/no)?"
Answering "yes" resulted in :
"unable to write /root/.ssh/known_host"

These anonying messageses kept appearing until my workaround:

- move ~/.ssh/known_hosts ~/.ssh/known_hosts_copy
- do ssh login to fai server as fai loguser ( e.g.: ssh -l fai faisrvr )
 and exit. Now we have an known_hosts-file with entry to fai server
- copy ~/.ssh/known_hosts to /usr/lib/fai/nfsroot/root/.ssh/known_hosts
- move ~/.ssh/known_hosts_copy back to ~/.ssh/known_hosts

>>Is it worth to send a bug report?
>No bug report needed for that.

It does need more attention then just add ssh2 to the installed packages.

The manual actions described above should IMHO added to make-fai-nfsroot.
Thinking at loud:

adduser $LOGUSER
echo "
please enter 'yes'

" # ask user for help
su - $LOGUSER -c "ssh-keygen" # generate identity keys [1]
su - $LOGUSER -c "ssh -l $LOGUSER $HOSTNAME /bin/false"
cp ~$LOGUSER/.ssh/known_host $FAINFSROOT/root/.ssh/
cp ~$LOGUSER/.ssh/identy* $FAINFSROOT/root/.ssh/  [1]

"make-fai-nfsroot" is not my friend, that is why I didn't test it.

( [1] )

Kind Regards, Geert Stappers
The Future is now, be part of it.

More information about the linux-fai mailing list