also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.10.30.0015 +0200]: > 3. when a machine is being built or rebuilt, install the correct > ssh keys in /etc/ssh. they can be fetched via password-protected > http or https or ftp or even tftp, then decrypted and untarred. > since they're encrypted you don't have to be completely paranoid > about them - normal security precautions are adequate.
well, the decryption requires a password, so the installation is not unattended anymore. since we have a number of headless number crunchers in the cluster, this is essential. i am beginning to believe that i am looking for a solution where non exists... -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
signature.asc
Description: Digital signature
