connecting to a virtual host: host key mismatch

Darren Tucker dtucker at zip.com.au
Thu Sep 11 18:36:04 EST 2003


Ulrich Windl wrote:
> I have a kind of problem: I need to connect to a virtual host (a f "floating"
> IP address) that is one of two physical hosts in a HA environment. Yesterday
> the virtual IP address was moved to another host.
> 
> Today ssh refuses to connect, because the host key is different. Reading the
> documentation I found that there is no command line option (documented) to
> temporarily bypass "StrictHostKeyChecking", and it seems to be impossible to
> specify multiple alternative hostkeys for a virtual host in "knows_hosts" (it
> would make sense however IMHO).

ssh -o StrictHostKeyChecking=no clusterhost ?

> Using the same host keys for both machines is not what I would like to do
> (assuming it would help), and I don't want to disable "StrictHostKeyChecking"
> globally.

In ssh_config or $HOME/.ssh/config:
Host clusterhost
	StrictHostKeyChecking no

> So what's the (or a good) solution?

Generate a set of keys for each node, plus a set for each floating
address.  Have each node run its own sshd listening on its main IP address
with its "node" keys, and the machine with the production address run
another sshd on it with the "floating" keys.  Note that this means you
have to migrate the production sshd along with the rest of your production
services.

I'd probably just use the same keys for all the machines in the cluster. 
The keys are to prevent a MITM attack, and since all of the machines in
the cluster are presumably under the same administrative control, I don't
think separate keys buy you much.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.




More information about the openssh-unix-dev mailing list