[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: without trustkey=yes cfengine 2.1.8 fails to run
From: |
Thomas Glanzmann |
Subject: |
Re: without trustkey=yes cfengine 2.1.8 fails to run |
Date: |
Fri, 6 Aug 2004 11:02:36 +0200 |
User-agent: |
Mutt/1.5.6i |
Hello Uwe,
* Uwe Zeisberger <address@hidden> [040805 22:59]:
> with the hint of Thomas Glanzmann from Wed, 4 Aug 2004 14:07:34 +0200 I
> now get cfengine 2.1.8 to run. Additionally to delete all root-* keys I
> inserted trustkey=true to the first copy item in update.conf. I wish to
> remove this entry again, because of the mails I get ("Trusting server
> identity and willing to accept key from ...") and because of security.
> But when I do so, cfengine fails to run with the error:
I just described the symptoms and way to circumvent it. The real problem
was much earlier on the list, but someone had to intereprete it. :-)
> cfengine:: Not authorized to trust the server=a...de's public key
> (trustkey=false)
> cfengine:: Authentication dialogue with a...de failed
> cfengine:: Not authorized to trust the server=a....de's public key
> (trustkey=false)
> cfengine:: Authentication dialogue with a...de failed
In my opinion you have two solutions to your problem.
(generic part) Upgrade cfengine to 2.1.8 on all Solaris hosts (btw. I
just shipped blastwave packages for cfengine 2.1.8 via
http://www.blastwave.org/)
(solution 1) Delete the /var/cfengine/ppkeys/root-* files and set
trustkeys to yes.
(solution 2) Copy over a key generated from a cfengine-2.1.8 version to
/var/cfengine/ppkeys/root-whatever
Thomas