
Re: Semi-OT: ssh configuration for LVS

To: "Ted Pavlic" <tpavlic@xxxxxxxxxxx>, <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Semi-OT: ssh configuration for LVS
From: Pietro Ravasio <pietro.ravasio@xxxxxxxxxxxxx>
Date: Thu, 28 Sep 2000 17:13:53 +0200
At 06.03 28/09/00 -0400, Ted Pavlic wrote:
Alright, personally I always prefer

PermitRootLogin nopwd

Over the option you've outlined. This plugs up some security holes.

From each server which needs to accept SSH requests, ssh FROM them into your
monitoring system. (your LVS, from what it sounds like) Do this as root so
that the keys from your LVS are stored in root's known_hosts file. (Be sure
you answer yes to any question asking you to save the file)

...

Thanks Ted,

I was adding to the "known_hosts" file only "IP number + associated RSA key", and not "canonical name + associated RSA key", so it was refusing my Rhost+RSA connection!
Now everything works fine. Thanks again.

Just another question: is there a way to limit syslog logging? (I've got a bunch of
Sep 28 17:12:51 lvs1 nanny[1025]: running command  "ssh" "172.16.0.11" "uptime"
entries in the log file! Sorry if this was already asked before!)

Kind regards,
Pietro

P.S.: yes, I'm running LVS via piranha/pulse on VALinux/RedHat.
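
The problem reported in the message above (known_hosts entries stored under the IP address only, with no canonical-name entry) can be audited before relying on host-based authentication. This is an added example, not part of the original message: it assumes unhashed known_hosts entries, and the host names, the IPs other than 172.16.0.11, and the key material are constructed placeholders.

```python
# Constructed SSH1-layout sample (hostnames bits exponent modulus); keys are placeholders.
SAMPLE_KNOWN_HOSTS = """\
172.16.0.11 1024 35 1111111111
rs2.example.lan,172.16.0.12 1024 35 2222222222
rs3.example.lan 1024 35 3333333333
172.16.0.13 1024 35 9999999999
"""

# Constructed name -> IP pairs for the real servers being monitored.
EXPECTED = {
    "rs1.example.lan": "172.16.0.11",
    "rs2.example.lan": "172.16.0.12",
    "rs3.example.lan": "172.16.0.13",
    "rs4.example.lan": "172.16.0.14",
}

def parse_known_hosts(text):
    """Map each unhashed host name or IP to the set of keys listed for it."""
    keys = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments, @markers, hashed (|1|...) and malformed lines.
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue
        # SSH1 keys span three fields; SSH2 keys span two (type, base64).
        width = 3 if fields[1].isdigit() else 2
        key = tuple(fields[1:1 + width])
        for host in fields[0].split(","):
            keys.setdefault(host, set()).add(key)
    return keys

def audit(text, expected):
    """Classify each server by which of its two identities has a key."""
    keys = parse_known_hosts(text)
    report = {}
    for name, ip in expected.items():
        by_name, by_ip = keys.get(name, set()), keys.get(ip, set())
        if not by_name and not by_ip:
            report[name] = "missing"
        elif not by_name:
            report[name] = "ip-only"    # the situation described in the message
        elif not by_ip:
            report[name] = "name-only"
        else:
            report[name] = "ok" if by_name & by_ip else "key-mismatch"
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_KNOWN_HOSTS, EXPECTED))
```

A "key-mismatch" result means the name and the IP are both present but with different keys, which should be investigated rather than overwritten.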


