summaryrefslogtreecommitdiffstats
path: root/releasenotes/notes
diff options
context:
space:
mode:
authorOliver Walsh <owalsh@redhat.com>2017-03-24 14:35:09 +0000
committerOliver Walsh <owalsh@redhat.com>2017-04-13 21:53:59 +0100
commit7d3552a105ad5aa62cad0998c11df5ec6bd06ed6 (patch)
tree38e0f69556cdce84f14a95e04e50a56d1a7a0ac5 /releasenotes/notes
parent8716d9f769dd17ef17fef7f0fdefaf0df6a7fe24 (diff)
SSH known_hosts config
Fetch the host public keys from each node, combine them all and write to the system-wide ssh known hosts. The alternative of disabling host key verification is vulnerable to a MITM attack. Change-Id: Ib572b5910720b1991812256e68c975f7fbe2239c
Diffstat (limited to 'releasenotes/notes')
-rw-r--r--releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml4
1 files changed, 4 insertions, 0 deletions
diff --git a/releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml b/releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml
new file mode 100644
index 00000000..8b533b1a
--- /dev/null
+++ b/releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - SSH host key exchange. The ssh host keys are collected from each host,
+ combined, and written to /etc/ssh/ssh_known_hosts.