From 68d7196d472b5195c19e871e960996e89a7bcb9c Mon Sep 17 00:00:00 2001 From: Oliver Walsh Date: Fri, 24 Mar 2017 14:35:09 +0000 Subject: SSH known_hosts config Fetch the host public keys from each node, combine them all and write to the system-wide ssh known hosts. The alternative of disabling host key verification is vulnerable to a MITM attack. Change-Id: Ib572b5910720b1991812256e68c975f7fbe2239c (cherry picked from commit 7d3552a105ad5aa62cad0998c11df5ec6bd06ed6) --- releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml (limited to 'releasenotes/notes') diff --git a/releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml b/releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml new file mode 100644 index 00000000..8b533b1a --- /dev/null +++ b/releasenotes/notes/ssh_known_hosts-287563590632d1aa.yaml @@ -0,0 +1,4 @@ +--- +features: + - SSH host key exchange. The ssh host keys are collected from each host, + combined, and written to /etc/ssh/ssh_known_hosts. -- cgit 1.2.3-korg