Different HostKeys for different hostnames or IPs in the same sshd?..
Carson Gaspar
carson at taltos.org
Wed Sep 21 10:26:53 EST 2011
On 9/20/11 1:12 PM, Mikhail T. wrote:
> How do we configure things so that the users and the automated scripts
> aren't "freaked-out" by the key of "service.example.net" suddenly
> changing, when the DNS is changed? Other than both machines using the
> same hostkey, of course...
That's the easiest way - if you want the machines to appear identical,
make the host keys identical.
> Can sshd use a different key depending on which name it is contacted
> under -- that is, does the ssh-protocol have anything like HTTP's
> Host:-header? If not, can sshd offer a different key depending on the
> IP-address, that the incoming connection uses?
Run 2 sshd masters with 2 different config files, one listening on the
VIP with shared keys and one listening on non-VIP with host specific keys.
--
Carson
More information about the openssh-unix-dev
mailing list