known_hosts(5) man page
Sergio Gelato
Sergio.Gelato at astro.su.se
Tue Oct 27 03:38:24 EST 2009
* Darren Tucker [2009-10-25 21:08:38 +1100]:
> Dave Yost wrote:
>> At 12:08 AM -0600 2009-10-25, Bob Proulx wrote:
>>> Jim Rees wrote:
>>>> Given that the hosts are interchangeable from the client's point of view,
>>>> shouldn't they both have the same host key?
>>> Let me second that. A pool of failover servers should have the same
>>> host key. They aren't individual machines at that point. Like
>>> mirrored disks they are logically mirrors of each other.
>>
>> Hard to say. These aren't really a failover or a load-balanced group.
>> It's more like a server plus other machines that can be pressed into
>> service to fill in for the server in a pinch, in addition to the
>> other stuff they do.
>
> The main question is: are they under the same administrative control?
> The host key protects you against MITM, but by definition the server's
> administrator can already conduct a MITM (since the server has access to
> the decrypted traffic and the admins have access to the host keys). If
> the machines are run by the same admins then you're not giving up much
> by using the same host keys.
If they are under the same administrative control but at different security
levels (say, physically accessible workstations vs. a server in a secure
room) sharing the host key may be riskier than you describe.
> The other option for clusters (not applicable in this case from your
> description) is to have "cluster package" that has a sshd bound to the
> floating cluster address with its own host keys and have this sshd move
> with the address.
I see that with GSS key exchange (which unfortunately isn't a standard
part of OpenSSH yet, only a popular and widely-deployed patch) and a
DNS CNAME RR the GSSAPI library (MIT 1.6 in my test) resolves the CNAME
before it asks the KDC for a ticket. Then everything is fine, since the
RSA/DSA host keys are ignored and the server is authenticated by GSS instead.
(I suppose one could likewise make OpenSSH traverse CNAMEs before the
known_hosts lookup, but somehow I don't think you'll find the added
complexity worthwhile.)
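As an added example (not code from this thread or from OpenSSH), the following known_hosts parser reports which entries present the same host key, which is the situation debated above; an administrator can run it over a client's known_hosts file to see how far a shared key already reaches. The hostnames, key blobs and the hashed entry are constructed sample values, and the SHA256 fingerprint format follows ssh-keygen's.

```python
import base64
import hashlib
from collections import defaultdict

# Constructed key blobs: valid base64 of the right length, not real keys.
KEY_A = "AAAAC3NzaC1lZDI1NTE5AAAAI" + "a" * 43
KEY_B = "AAAAC3NzaC1lZDI1NTE5AAAAI" + "b" * 43
KEY_C = "AAAAC3NzaC1lZDI1NTE5AAAAI" + "c" * 43

# Constructed sample known_hosts content covering the line forms the
# known_hosts(5) format allows: comments, comma-separated names,
# a hashed (|1|...) host field and a marker line.
SAMPLE_KNOWN_HOSTS = "\n".join([
    "# constructed sample; comments and blank lines are ignored",
    "",
    f"server.example.org,192.0.2.10 ssh-ed25519 {KEY_A}",
    f"backup1.example.org ssh-ed25519 {KEY_A}",
    f"workstation.example.org ssh-ed25519 {KEY_B}",
    f"|1|c2FsdA==|aGFzaGVkaG9zdA== ssh-ed25519 {KEY_A}",
    f"@cert-authority *.example.org ssh-ed25519 {KEY_C}",
])


def fingerprint(key_b64):
    """SHA256 fingerprint as ssh-keygen prints it: SHA256:<unpadded base64>."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts(text):
    """Yield (marker, names, keytype, fingerprint) per key line.
    marker is '' or e.g. '@cert-authority'; a hashed host field is kept
    opaque because it cannot be mapped back to a hostname."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        marker = ""
        if fields[0].startswith("@"):
            marker, fields = fields[0], fields[1:]
        if len(fields) < 3:
            continue  # malformed line, skip it
        hosts, keytype, key_b64 = fields[:3]
        names = [hosts] if hosts.startswith("|1|") else hosts.split(",")
        yield marker, names, keytype, fingerprint(key_b64)


def shared_host_keys(text):
    """Map each fingerprint that occurs in more than one entry to all the
    names it covers. Names on one line are aliases of a single entry and
    are not counted as sharing; CA and revoked lines are excluded."""
    by_fp = defaultdict(list)
    for marker, names, _keytype, fp in parse_known_hosts(text):
        if not marker:
            by_fp[fp].append(names)
    return {fp: [n for entry in entries for n in entry]
            for fp, entries in by_fp.items() if len(entries) > 1}
```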