Skip to content
Snippets Groups Projects
Commit 4c2f29ba authored by František Dvořák's avatar František Dvořák
Browse files

Scan ssh keys for the "reverse" access from node to each other node

For example we would need access to master server with CA when generating certificates.
parent b4c32f94
No related branches found
No related tags found
No related merge requests found
Pipeline #423 passed
......@@ -136,13 +136,25 @@ if 'init' in args.actions:
h = list(hosts.keys()) + ['%s.%s.' % (host, d) for host in hosts.keys()] + \
['%s.%s' % (host, d) for host in hosts.keys()] + list(hosts.values()) + [master_ip]
cycle_all = \
'echo -n At:; uname -n; for h in %s; do ssh -o StrictHostKeyChecking=no $h :; done' \
% (' '.join(h))
commands = [
['ssh-keygen', '-R', master_ip],
['ssh', '-o', 'StrictHostKeyChecking=no', '%s@%s' % (user, master_ip), ':'],
['scp', '-p', 'hosts', '%s@%s:/tmp/' % (user, master_ip)],
['ssh', '%s@%s' % (user, master_ip), 'sudo mv -v /tmp/hosts /etc/hosts'],
# the frontend to all nodes
['ssh', '-o', 'ForwardAgent=yes', '%s@%s' % (user, master_ip), cycle_all]
]
for node in hosts.keys():
# skip the frontend - covered by the command above
if node == master_hostname:
continue
# the node to all nodes
commands += [
['ssh', '-o', 'ForwardAgent=yes', '%s@%s' % (user, master_ip),
'for h in %s; do ssh -o StrictHostKeyChecking=no %s@$h :; done' % (' '.join(h), user)],
'ssh -o ForwardAgent=yes %s \'%s\'' % ('%s.%s' % (node, d), cycle_all)],
]
for ip in hosts.values():
commands += [
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment