[pve-devel] [PATCH cluster/manager/storage/docs 0/9] fix #4886: improve SSH handling

Fabian Grünbichler f.gruenbichler at proxmox.com
Tue Jan 16 11:40:40 CET 2024


> Thomas Lamprecht <t.lamprecht at proxmox.com> hat am 16.01.2024 11:34 CET geschrieben:
> 
>  
> Am 15/01/2024 um 16:53 schrieb Hannes Dürr:
> > Tested cluster creation with three new nodes on 8.1 and the patches
> > Cluster creation and further ssh communication (eq. migration) worked 
> > flawless
> > 
> > Tested-by: Hannes Duerr <h.duerr at proxmox.com>
> 
> What about the reinstallation of an existing node, or replacing
> one, while keeping the same nodename scenario?

on (re)join, pvecm updatecerts is called, and the (new) host key is written to the node directory (and picked up by the other nodes) from there.

> As that was one of the main original reasons for this change here
> in the first place.
> 
> For the removal you could play through the documented procedure
> and send a patch for update it accordingly, as e.g., the part
> about the node’s SSH keys remaining in the pmxcfs authorized_key
> file would need some change to reflect that this is not true
> for newer setups (once this series is applied and the respective
> packages got bumped and released).

authorized_keys are not touched by this series at all, see the cover letter ;) this is purely known_hosts so far..




More information about the pve-devel mailing list