Subject: Re: ..and use mirrors! (was Re: current anoncvs machine needs a ticket to the moon)
To: Martijn van Buul <martijnb@atlas.ipv6.stack.nl>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: current-users
Date: 06/13/2005 12:07:06
On Mon, Jun 13, 2005 at 03:57:34PM +0000, Martijn van Buul wrote:
> It occurred to me that Peter Eisch wrote in gmane.os.netbsd.current:
> >
> > On 6/13/05 10:43 AM, "Lubomir Sedlacik" <salo@Xtrmntr.org> wrote:
> >
> >> it's called round-robin and it's a PITA with ssh keys.
> >>
> >
> > Unless they're all configure to have the same key for 'anoncvs' I suppose.
>
> Which completely defies the purpose of having a host key..
No, it doesn't. It's perfectly reasonable to use the same private key
for all providers of a single service; it then becomes a service key,
not a "host key". You can run sshd on a separate port or address for
connections which require authentication of which machine, rather than
which service, they're connected to.
--
Thor Lancelot Simon tls@rek.tjls.com
"The inconsistency is startling, though admittedly, if consistency is to be
abandoned or transcended, there is no problem." - Noam Chomsky