On 24/12/2010 02:12, Nick Anderson wrote: > On 12/23/2010 06:56 PM, Nicolas Charles wrote: >> The bootstrap itself is not sufficiant on a community edition. You'll >> need to exchange the key by doing an interactive session with cf-runagent : >> # cf-runagent -i -H 192.168.1.129 >> >> With this, you'll be able to accept 192.168.1.129's key on your computer > Seems a chicken and egg problem. > I have the failsafe.cf in place and I cannot bootstrap without the key. > But I get errors when I try to run cf-runagent without a promises.cf file. > > cf-runagent -i -H 192.168.1.129 > There is no readable input file at promises.cf > !!! System error for stat: "No such file or directory" > Can't stat file "/var/cfengine/inputs/promises.cf" for parsing > !!! System error for stat: "No such file or directory" > Ha, I must have misunderstood something You should have a policy server, with a whole set of promises, which accept the connection for a client (and possibly trust its key) On the client, you should do the cf-runagent to accept the policy server key Or you could also copy the key, using the former key file name (root-ip.of.the.machine.pub), to the /var/cfengine/ppkeys
Nicolas _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
