
We have a setup with two Red Hat-based servers which are both HA hosts behind a virtual IP.

  • 192.168.0.3 dataserver (virtual ip)
  • 192.168.0.1 dataserver_ha1 (physical server)
  • 192.168.0.2 dataserver_ha2 (physical server)

Using DRBD and Heartbeat it is set up to run one host as the primary and the other in a standby state. If the primary fails, then the standby server becomes primary and takes over... Very standard in that regard.

Our log processing server (etl_server) sshes to dataserver and runs hourly processes.

We use SSH keys to connect (though that is not important info for this).

When dataserver_ha1 fails over to ha2, etl_server can no longer connect due to the man-in-the-middle warning about changed host keys.

AFAIK there are a few things I could do:

1) Turn strict checking off on the SSH clients (don't want to do that)
2) Add entries for both physical host keys in the authorized_keys file on the client
3) Mirror all the /etc/sshd/hosts* files

But I feel like I should be able to tell the hosts to inform the ssh client request that one of two permissible host keys could possibly be used. When I get a little time I will test this out using VirtualBox or something. In the meantime I am looking in the wrong places for info on this...

mbubb
  • What is your problem with turning off the host-key-check? You are just triggering remote scripts. If they are not there - so what? – Nils Oct 13 '12 at 20:06

1 Answer


Use the same private keys on your two dataservers.

From the primary...

scp /etc/ssh/*key* dataserver_ha2:/etc/ssh/

Following that, restart the ssh daemon on dataserver_ha2 with service sshd restart.

That will take care of your host identity issues in the quickest, cleanest way.

ewwhite
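As an added example (not part of the question or the answer above), a small POSIX shell check for the second option the question lists: OpenSSH accepts several known_hosts lines for the same host name, so a client that has both physical nodes' host keys recorded under the virtual IP will not raise the changed-host-key warning after a failover. The known_hosts content and key blobs below are constructed placeholders; hashed (HashKnownHosts) lines and @cert-authority/@revoked markers are not handled.

```shell
#!/bin/sh
# Added example: inspect which host keys a client's known_hosts file will
# accept for a given host alias (hostname or IP). Not code from the original post.

# Constructed sample known_hosts: the VIP 192.168.0.3 / dataserver has both
# physical nodes' keys recorded, dataserver_ha1 only its own. The key blobs
# are placeholders, not real key material.
KNOWN_HOSTS_SAMPLE="${TMPDIR:-/tmp}/known_hosts.sample.$$"
cat > "$KNOWN_HOSTS_SAMPLE" <<'EOF'
# constructed entries; key blobs are placeholders
192.168.0.3,dataserver ssh-rsa AAAAB3PLACEHOLDERKEY1 root@dataserver_ha1
192.168.0.3,dataserver ssh-rsa AAAAB3PLACEHOLDERKEY2 root@dataserver_ha2
192.168.0.1,dataserver_ha1 ssh-rsa AAAAB3PLACEHOLDERKEY1 root@dataserver_ha1
EOF

# Print "keytype keyblob" for every known_hosts line whose host list contains
# HOST. Field 1 is a comma-separated list of host patterns; fields 2 and 3 are
# the key type and the base64 key. Comment lines and marker lines are skipped.
keys_for_host() {
    file=$1; host=$2
    awk -v host="$host" '
        /^#/ || /^@/ || NF < 3 { next }
        {
            n = split($1, names, ",")
            for (i = 1; i <= n; i++)
                if (names[i] == host) { print $2, $3; break }
        }' "$file"
}

# Number of distinct keys the client will accept for HOST.
count_keys_for_host() {
    keys_for_host "$1" "$2" | sort -u | wc -l | tr -d ' '
}

# Exit status 0 if KEYBLOB is already accepted for HOST, 1 if not. A status of
# 1 for the key the standby node presents is exactly the situation that
# produces the changed-host-key warning after failover.
host_accepts_key() {
    keys_for_host "$1" "$2" | grep -q -F -- "$3"
}

# Example run against the constructed file.
echo "keys accepted for 192.168.0.3: $(count_keys_for_host "$KNOWN_HOSTS_SAMPLE" 192.168.0.3)"
```

After copying host keys between the nodes as the answer suggests, the same check confirms that the one shared key is recorded for every name the client uses (virtual IP and both physical hosts).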