Re: Semi-OT: ssh configuration for LVS

To:	"Ted Pavlic" <tpavlic@xxxxxxxxxxx>, <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: Semi-OT: ssh configuration for LVS
From:	Pietro Ravasio <pietro.ravasio@xxxxxxxxxxxxx>
Date:	Thu, 28 Sep 2000 17:13:53 +0200

At 06.03 28/09/00 -0400, Ted Pavlic wrote:

Alright, personally I always prefer

RermitRootLogon nopwd

Over the option you've outlined. This plugs up some security holes.

From each server which needs to accept SSH requests, ssh FROM them into your
monitoring system. (your LVS, from what it sounds like) Do this as root so
that the keys from your LVS are stored in root's known_hosts file. (Be sure
you answer yes to any question asking you to save the file)


...

Thanks Ted,

I was adding to "known_host" file only "Ip number + associated RSA key",and not "canonical name + associated RSA key", so it was refusing meRhost+RSA connection!

Now everything works fine. Thanks again.

jJst another question: is there a way to limit syslog logging? (I've got abunch of

Sep 28 17:12:51 lvs1 nanny[1025]: running command  "ssh" "172.16.0.11" "uptime"
entries in the log file! Sorry if this was already asked before!)

Kind regards,
Pietro

P.S.: yes, I'm running LVS via piranha/pulse on VALinux/RedHat.

<Prev in Thread]	Current Thread	[Next in Thread>
Semi-OT: ssh configuration for LVS, Pietro Ravasio Re: Semi-OT: ssh configuration for LVS, Ted Pavlic Re: Semi-OT: ssh configuration for LVS, Pietro Ravasio <= Re: Semi-OT: ssh configuration for LVS, Keith Barrett Re: Semi-OT: ssh configuration for LVS, Pietro Ravasio

Previous by Date:	Re: Semi-OT: ssh configuration for LVS, Ted Pavlic
Next by Date:	Testlvs and Apache..., Pietro Ravasio
Previous by Thread:	Re: Semi-OT: ssh configuration for LVS, Ted Pavlic
Next by Thread:	Re: Semi-OT: ssh configuration for LVS, Keith Barrett
Indexes:	[Date] [Thread] [Top] [All Lists]