[PVE-User] pve-cluster won't start with large ssh_known_hosts

Dietmar Maurer dietmar at proxmox.com
Sat Dec 10 11:45:08 CET 2011


> > It would then follow that the known_hosts file in pmxcfs is just for
> > deploying host keys for (1) hosts that are in the cluster and (2)
> > hosts that are being added to the cluster.  For both cases, the set of host keys
> is quite small and well known.
> > It would be just as good to register specific host keys into pmxcfs
> > when adding the hosts to the cluster.
> 
> OK, think I know what you mean now ;-) What you say is correct. We already do
> it that way for the authorize_key file. There is 'ssh-copy-id' for authorized key,
> and I guess we need to implement something similar for known_hosts.

Seems I am a bit confused today - sorry. All those things does not really help to solve your problem.

To summarize: You use the global known_host file /etc/ssh/ssh_known_hosts, so we can't use that
to store the cluster hosts (because that file is too large to store on pmxcfs).

Using the user file /root/.ssh/known_hosts is also bad, because that can also grow quite large.

Using any other file is clumsy because it is not used by default, so we always need to pass extra parameter.

Any better ideas?





More information about the pve-user mailing list