BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] stumped by ssh

2012-10-13 11:09:54
Subject: Re: [BackupPC-users] stumped by ssh
From: "Tyler J. Wagner" <tyler AT tolaris DOT com>
To: "General list for user discussion, questions and support" <backuppc-users AT lists.sourceforge DOT net>
Date: Sat, 13 Oct 2012 16:08:35 +0100 
On 2012-10-13 14:33, Robert E. Wooden wrote:
> What happened, I am asking myself. Last night I was running "ssh -vvv
> [clienthostname]" to test my ssh connection. ssh was 'complaining' that I
> had some bad lines in my /var/lib/backuppc/.ssh/known_hosts file. I removed
> those 'bad lines' with "ssh-keygen -f "/var/lib/backuppc/.ssh/known_hosts"
> -R bob-desktop2" and long story short, this morning (half asleep) decided
> to let my backuppc server fail again trying to backuppc this troubled
> client. To my amazement, half asleep, it did not fail!

Some related SSH tips:

1. Remove your known_hosts file now.
2. Create an ~/.ssh/config file, owned by the right user, mode 644, containing:

HashKnownHosts no
StrictHostKeyChecking no

This means that:

1. Lines will be added to known_hosts without prompting (no more pressing
yes to accept new fingerprints).
2. Key mismatches will be tolerated with SSH key logins. A warning will be
printed, and password logins are still blocked.
3. Lines added to known_hosts will have a readable host/ip entry at the
begin of line. This makes removing conflicts easier.

Some people think this reduces security. It does. But I consider it a fair
balance versus usability, especially when you work with a large number of
hosts.

Regards,
Tyler

-- 
"Human subcultures are nested fractally. There's no bottom."
   -- Randal Munrow, http://xkcd.com/1095/

------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] stumped by ssh, Robert E. Wooden
Next by Date:  Re: [BackupPC-users] stumped by ssh, Robert E. Wooden
Previous by Thread:  Re: [BackupPC-users] stumped by ssh, Robert E. Wooden
Next by Thread:  Re: [BackupPC-users] stumped by ssh, Robert E. Wooden
Indexes:  [Date] [Thread] [Top] [All Lists]