[SOLVED] Sync /etc/pve/priv/known_hosts ?

[mailinglists]

Hi,

i see that i have different content in /etc/pve/priv/known_hosts (/etc/ssh/ssh_known_hosts) on my PM 5 cluster.

Shouldn't this file be the same (in sync) on all PM nodes, because it is residing inside /etc/pve?

Here is an example conf. from two nodes in the same cluster:

root@p31:~# md5sum /etc/ssh/ssh_known_hosts
2f3a37a8183dea13d88fdd0e523d19db  /etc/ssh/ssh_known_hosts
root@p31:~# cat /etc/ssh/ssh_known_hosts | wc -l
15

root@p34:~# md5sum /etc/ssh/ssh_known_hosts
698b4e01b8bdeba942418cf12b672b6f  /etc/ssh/ssh_known_hosts
root@p34:~# cat /etc/ssh/ssh_known_hosts | wc -l
20

Please advise.

 

[mailinglists]

No1 knows this?
Shouldn't /etc/pve be identical on all nodes?

 

[t.lamprecht]

Someone destroyed the link. Normally it's setup that the local one links to the cluster one, i.e. /etc/ssh/ssh_known_hosts -> /etc/pve/priv/known_hosts.

You can check that with:

# realpath /etc/ssh/ssh_known_hosts
realpath /etc/ssh/ssh_known_hosts

a pvecm updatecerts should merge those on the node where it got called again..

 

[mailinglists]

Seems that you are correct in the case i checked:

root@p32:~# ls -la /etc/ssh/ | grep -i known
-rw-------   1 root root   6601 Oct 29 17:54 ssh_known_hosts
lrwxrwxrwx   1 root root     25 Oct 29 17:25 ssh_known_hosts.old -> /etc/pve/priv/known_hosts

I guess I can just rm ssh_known_hosts and mv ssh_known_hosts.old ssh_known_hosts?

 

[t.lamprecht]

Seems that you are correct in the case i checked:

root@p32:~# ls -la /etc/ssh/ | grep -i known
-rw-------   1 root root   6601 Oct 29 17:54 ssh_known_hosts
lrwxrwxrwx   1 root root     25 Oct 29 17:25 ssh_known_hosts.old -> /etc/pve/priv/known_hosts

I guess I can just rm ssh_known_hosts and mv ssh_known_hosts.old ssh_known_hosts?

You sure can, just note that any known host not in the cluster white file will be lost.
But judging from the modification dates, where both have 29.10.2019 you really should me good with that.