Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: jgreer
Link to topic: https://cfengine.com/forum/read.php?3,19099,19229#msg-19229
Thanks for the clarification.
Seems like the procedure for running 2.x and >=3.1.0 servers on the same
machine, with a shared ppkeys directory, w
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: mark
Link to topic: https://cfengine.com/forum/read.php?3,19099,19227#msg-19227
I realize that my comment can be misinterpreted.
1. Cfengine (cf-agent/cf-servd) *will* convert keys automatically the first
time they are used. If t
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: jgreer
Link to topic: https://cfengine.com/forum/read.php?3,19099,19226#msg-19226
Thanks, Mark! That's very helpful.
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cf
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: mark
Link to topic: https://cfengine.com/forum/read.php?3,19099,19225#msg-19225
To Neil's original question,
the keys are named by the "default hash" (MD5 in community) of the
localhost.pub file. You can see this hash when you ru
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: mark
Link to topic: https://cfengine.com/forum/read.php?3,19099,19224#msg-19224
Jessica,
Cfengine looks for a key with the new format, and if it doesn't find it, it
looks for a key with the old format and renames it to thr new.
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: jgreer
Link to topic: https://cfengine.com/forum/read.php?3,19099,19223#msg-19223
Mark,
Can you explain the process by which keys will be converted?
We have a box that is a server for 2 and 3 - will both versions of the server'
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: mark
Link to topic: https://cfengine.com/forum/read.php?3,19099,19214#msg-19214
This is a matter for policy, of course. One could simply revoke keys by
deleting keys older than a certain date, forcing them to be re-exchanged.
(Do
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: dan
Link to topic: https://cfengine.com/forum/read.php?3,19099,19213#msg-19213
Along the same lines, how should rebuilding a host be handled now? The cfengine
key for the host will change, but as far as I can tell there is no easy
Forum: Cfengine Help
Subject: Re: New key naming algorithm
Author: matter
Link to topic: https://cfengine.com/forum/read.php?3,19099,19185#msg-19185
Yes, I would like to know this as well. I did post that earlier. I do some
back-end processes what does include parsing the lastseen database and ch
