[pve-devel] [RFC cluster] pvecmn: add sshkeyscan

Thomas Lamprecht t.lamprecht at proxmox.com
Sat Nov 19 11:40:51 CET 2016


On 19.11.2016 09:53, Dietmar Maurer wrote:
> this looks extremely clumsy to me. Are there any alternatives?
>

If we want to automate it I did not found any better way yet. Using ssh-keyscan is nice as its fast and does accepts multiple hosts at once.
Using the unique sort is just a security measurement against spamming the known_host files with multiple duplicate entries.
And gathering the IPs I miss-used the new pvecm mtunnel --get_migration_ip command, this is not ideal from a nameing perspective, but seamed to practical to me to not use it as a hack :)

We could just document how to use ssh-keyscan manually to simplify this process for the user and omit this entirely.
But the process would be almost the same, apart of the automatic IP gathering, the user knows already the IPs of his hosts.




More information about the pve-devel mailing list