Forum: Cfengine Help
Subject: Interactive key trust no permenant
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,18135,18135#msg-18135


# cf-runagent -iIH arcdev01
WARNING - You do not have a public key from host arcdev01 = 10.129.148.11
          Do you want to accept one on trust? (yes/no)

--> yes
 -> Will trust the key...
...........................................................................
 * Hailing arcdev01 : 5308, with options "" (serial)
...........................................................................
 -> Trusting server identity, promise to accept key from arcdev01=10.129.148.11

Now again non-interactive

# cf-runagent -IH arcdev01
...........................................................................
 * Hailing arcdev01 : 5308, with options "" (serial)
...........................................................................
Challenge response from server arcdev01/10.129.148.11 was incorrect!
I: Report relates to a promise with handle ""
I: Promise is made internally by cfengine
 !! Authentication dialogue with arcdev01 failed


I would expect that the key trust could be a one time question much like SSH's 
host key trust.  Am I mistaken?

_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to