Closed
Bug 879347
Opened 11 years ago
Closed 11 years ago
Add a bunch of host keys to puppet
Categories
(Infrastructure & Operations :: RelOps: General, task)
Infrastructure & Operations
RelOps: General
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dustin, Assigned: dustin)
Details
Attachments
(1 file)
|
20.75 KB,
patch
|
rail
:
review+
dustin
:
checked-in+
|
Details | Diff | Splinter Review |
At least github and people.m.o. Add your other suggestions here! A missing host key is not a security mechanism. If a particular user/host should not have access to some other user/host, SSH auth should be preventing that, not the nonexistence of a host key.
|
Assignee | |
Comment 1•11 years ago
|
||
Also, all of the puppet masters
|
|
Assignee | |
Comment 2•11 years ago
|
||
This puts known hosts in the system global file, but *also* in root and builder's ~/.ssh, since ~builder/.ssh/known_hosts is required for mock builds. I tested the puppetsync crontask, and it still works fine.
Attachment #759258 -
Flags: review?(rail)
|
||
Updated•11 years ago
|
Attachment #759258 -
Flags: review?(rail) → review+
|
|
Assignee | |
Updated•11 years ago
|
Attachment #759258 -
Flags: checked-in+
|
|
Assignee | |
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
|
||
Comment 3•11 years ago
|
||
Comment on attachment 759258 [details] [diff] [review] bug879347.patch I'm curious why people.m.{o,c} was added, since it is blocked flow-wise from all the hosts that I know of in the buildVPN
|
|
Assignee | |
Comment 4•11 years ago
|
||
Not all - I often send puppet patches there for upload to bugzilla.
|
||
Updated•11 years ago
|
Component: Server Operations: RelEng → RelOps
Product: mozilla.org → Infrastructure & Operations
You need to log in
before you can comment on or make changes to this bug.
Description
•