On 30 Jan 2013 at 9:29, Johan Beisser wrote: > On Wed, Jan 30, 2013 at 8:56 AM, System Administrator <ad...@bitwise.net> > wrote: > > I finally got to deploy a CARP firewall cluster (HA failover for now). > > Using only the official OpenBSD.org documentation, everything went very > > smoothly even though the setup is not quite trivial (14 carp addresses > > on 6 active interfaces). I even got system replication going using > > rdist(1). > > > > While testing the failover and trying to ssh to a carp address I got > > hit with the server key mismatch; hence this email. What is considered > > best practice wrt ssh keys in a carp cluster -- install the same keys > > on all member nodes to avoid the alerts or just live with the > > occasional mismatch? > > Don't monitor SSH on the CARP address.
Sorry, I'm not following you
