diff options
| author | elijah <elijah@riseup.net> | 2012-10-23 03:52:22 -0700 |
|---|---|---|
| committer | elijah <elijah@riseup.net> | 2012-10-23 03:52:22 -0700 |
| commit | 4f38e99c629f60d9524d1cf23efa7ab927ac9cf4 (patch) | |
| tree | 776cb00b69261d4dda1ad31cf8d934fb30a0bd1c | |
| parent | 592f4e09bf328d2798207e193e985a0bbb9d1314 (diff) | |
minor change to notes
| -rw-r--r-- | DEVNOTES | 20 |
1 files changed, 1 insertions, 19 deletions
@@ -84,19 +84,7 @@ invoke puppet ssh ================================ -fingerprints --------------------- - -ssh-keygen -lf <keyfile> tells you the fingerprint of an encryption key - - ls -1 /etc/ssh/*key* - /etc/ssh/ssh_host_dsa_key - /etc/ssh/ssh_host_dsa_key.pub - /etc/ssh/ssh_host_rsa_key - /etc/ssh/ssh_host_rsa_key.pub - -fetch the public host ida of a bunch of nodes: - ssh-keyscan -t rsa <host list> +http://mostlyobvio.us/2012/06/optimize-your-ssh-experience/ ssh certificate authority ---------------------------------- @@ -119,17 +107,11 @@ instead: home$ ssh -o 'ProxyCommand ssh you@hop1 nc %h %p' ssh you@hop2 hop2$ - - known_hosts ---------------- man sshd, search for known_hosts - -StrictHostKeyChecking="yes" - @revoked -- should we put revoked keys in known_hosts, and when/how... - @cert-authority -- should we use it? ruby |