GA! I knew it would be something stupid. Thanks for being my second
pair of eyes.
bg
On Tue, 2005-09-20 at 10:36 -0500, Ed Brown wrote:
> Your debug output indicates you are attempting to connect to (copy
> from)
> boa. Yet boa is defined as 'colo_server', not 'cfengine_server', so
> the
>
Your debug output indicates you are attempting to connect to (copy from)
boa. Yet boa is defined as 'colo_server', not 'cfengine_server', so the
TrustKeysFrom line in cfservd.conf is not applicable.
On Tue, 2005-09-20 at 09:01, Bill Gunter wrote:
> The domain values are the same. Here are my co
The domain values are the same. Here are my configs.
cfservd.conf:
#
groups:
# the name of our server is 'server'
cfengine_server = ( asp )
colo_server = ( boa )
control:
domain = ( (ExecResult(/bin/domainname) )
cfengine_server::
# tcp_wrappers-like access contr
The same cfservd.conf, including 'domain' value? Does that match the
domain in your update.conf? (Not sure that would result in a key/trust
error message, but it wouldn't be the only misleading error in
cfengine.)
Key exchange happens within cfengine, and doesn't require 'admit' or
'grant' state
Sorry, the repost I sent didn't include the entire original post. Here's
the deal.
I'm using the same cfservd.conf on two servers on two different nets,
208.10.199 and 66.162.222. Clients on the 208 net can connect and
establish trust automatically with the cfservd on the 208 net, but the
clients
> On Mon, 2005-09-12 at 12:51 -0500, Bill Gunter wrote:
> > The clients and server are on the same network, 66.162.222.0/24. Here's
> > the TrustKeys. The stuff on the 208.10.199.0/24 net works fine.
> >
> > TrustKeysFrom = (
> > 208.10.199.0/24
> > 66.162.222.0/24
> >
magine that you'd
put the following line in 'update.conf':
TrustKeysFrom = ( 10.0.7.165 ) # Clients
should only trust the CFserver
Regards,
/\/elson
Bill Gunter <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
09/19/2005 02:42 PM
To
help-cfengine@gnu.org
c
Sorry to re-post, but I'm afraid this has gotten lost in the din. I
really need to get this resolved, so any help would be greatly
appreciated.
bg
On Mon, 2005-09-12 at 12:51 -0500, Bill Gunter wrote:
> The clients and server are on the same network, 66.162.222.0/24. Here's
> the TrustKeys. The s
The clients and server are on the same network, 66.162.222.0/24. Here's
the TrustKeys. The stuff on the 208.10.199.0/24 net works fine.
TrustKeysFrom = (
208.10.199.0/24
66.162.222.0/24
216.54.235.0/24
192.168.199.0/24
)
On Mon, 2005-09-12 at 01:29
On Fri, 9 Sep 2005, Bill Gunter wrote:
I'm having trouble using trust to exchange keys. I got it working for
one server, but it's not working for another. I get this message on the
client while running 'cfagent -v'
"cfengine:viper: BAD: key could not be accepted on trust"
And similarly on the
I'm having trouble using trust to exchange keys. I got it working for
one server, but it's not working for another. I get this message on the
client while running 'cfagent -v'
"cfengine:viper: BAD: key could not be accepted on trust"
And similarly on the server from cfservd
"No previous key fo
11 matches
Mail list logo
