Re: [pve-devel] [RFC cluster 0/2] fix #4886: improve SSH handling

--- Begin Message --- On Thu, Dec 21, 2023 at 10:53:11AM +0100, Fabian Grünbichler wrote: > RFC since this would be a bigger change in how we approach intra-cluster > SSH access. > > there are still a few parts that currently don't use SSHInfo, but > would need to be switched over if we want to pu

Re: [pve-devel] [RFC cluster 0/2] fix #4886: improve SSH handling

--- Begin Message --- On Tue, Jan 09, 2024 at 09:57:30AM +0100, Fabian Grünbichler wrote: > > Esi Y via pve-devel hat am 09.01.2024 06:01 > > CET geschrieben: > > On Thu, Dec 21, 2023 at 10:53:11AM +0100, Fabian Grünbichler wrote: > > > RFC since this would be a bigge

Re: [pve-devel] [PATCH docs 2/2] ssh: document PVE-specific setup

--- Begin Message --- On Thu, Jan 11, 2024 at 11:51:20AM +0100, Fabian Grünbichler wrote: > such as adapted configs and managed files. > > Signed-off-by: Fabian Grünbichler > --- > Notes: actual version needs to be inserted! > > pvecm.adoc | 18 ++ > 1 file changed, 18 insertion

Re: [pve-devel] [PATCH docs 1/2] ssh: make pitfalls a regular section instead of block

--- Begin Message --- On Thu, Jan 11, 2024 at 11:51:19AM +0100, Fabian Grünbichler wrote: > because we'll add another one before it, and formatting is off otherwise. > > Signed-off-by: Fabian Grünbichler > --- > pvecm.adoc | 8 +++- > 1 file changed, 3 insertions(+), 5 deletions(-) > > diff

Re: [pve-devel] [PATCH docs 1/2] ssh: make pitfalls a regular section instead of block

--- Begin Message --- On Fri, Jan 12, 2024 at 02:12:01PM +0100, Fiona Ebner wrote: > Am 12.01.24 um 13:40 schrieb Esi Y: > >> @@ -918,9 +918,9 @@ transfer memory and disk contents. > >> > >> * Storage replication > >> > >> -.Pitfalls due to automatic execution of `.bashrc` and siblings > >> -[

Re: [pve-devel] [PATCH cluster/manager/storage/docs 0/9] fix #4886: improve SSH handling

--- Begin Message --- On Fri, Jan 12, 2024 at 01:12:50PM +0100, Fabian Grünbichler wrote: > On January 11, 2024 11:51 am, Fabian Grünbichler wrote: > > this series replaces the old mechanism that used a cluster-wide merged known > > hosts file with distributing of each node's host key via pmxcfs, a

Re: [pve-devel] [PATCH docs 2/2] ssh: document PVE-specific setup

--- Begin Message --- On Fri, Jan 12, 2024 at 01:04:50PM +, Esi Y wrote: > On Fri, Jan 12, 2024 at 01:40:44PM +0100, Fabian Grünbichler wrote: > > > > > Esi Y via pve-devel hat am 12.01.2024 13:33 > > > CET geschrieben: > > > On Thu, Jan 11, 2024 at

Re: [pve-devel] [PATCH cluster 2/4] fix #4886: SSH: pin node's host key if available

--- Begin Message --- On Thu, Jan 11, 2024 at 11:51:16AM +0100, Fabian Grünbichler wrote: > if the target node has already stored their SSH host key on pmxcfs, pin it and > ignore the global known hosts information. > > Signed-off-by: Fabian Grünbichler > --- > src/PVE/SSHInfo.pm | 15 ++

Re: [pve-devel] [PATCH cluster 2/4] fix #4886: SSH: pin node's host key if available

--- Begin Message --- On Mon, Jan 15, 2024 at 12:51:48PM +0100, Fabian Grünbichler wrote: > > On Thu, Jan 11, 2024 at 11:51:16AM +0100, Fabian Grünbichler wrote: > > > if the target node has already stored their SSH host key on pmxcfs, pin > > > it and > > > ignore the global known hosts informati

Re: [pve-devel] [PATCH cluster 2/4] fix #4886: SSH: pin node's host key if available

to it. Minor comments inline below still. On Tue, Jan 16, 2024 at 10:00:10AM +0100, Fabian Grünbichler wrote: > > Esi Y via pve-devel hat am 15.01.2024 15:31 > > CET geschrieben: > > On Mon, Jan 15, 2024 at 12:51:48PM +0100, Fabian Grünbichler wrote: > > > > On Th

Re: [pve-devel] [PATCH cluster 4/4] pvecm: stop merging SSH known hosts by default

--- Begin Message --- On Thu, Jan 11, 2024 at 11:51:18AM +0100, Fabian Grünbichler wrote: > and allow explicitly unmerging to remove the symlink altogether. Apologies if I am second guessing here, but this is meant to be explicitly later "unmerging" on pveproxy start of new version of PVE? If so,

Re: [pve-devel] [PATCH cluster 2/4] fix #4886: SSH: pin node's host key if available

6, 2024 at 01:39:56PM +0000, Esi Y via pve-devel wrote: > Date: Tue, 16 Jan 2024 13:39:56 + > From: Esi Y > To: pve-devel@lists.proxmox.com > Subject: Re: [pve-devel] [PATCH cluster 2/4] fix #4886: SSH: pin node's > host key if available > > Thank you for the respo

Re: [pve-devel] [PATCH manager] ui: node: system: avoid using 'Syslog'

--- Begin Message --- On Fri, Feb 16, 2024 at 10:25:22AM +0100, Dietmar Maurer wrote: > > while I don't mind (at all!) that that part of the UI/API is labelled > > syslog (I don't think it's hard to understand that it gives you the system > > logs of that node, and "syslog" is a bit like "Kleenex

Re: [pve-devel] [PATCH manager] ui: node: system: avoid using 'Syslog'

--- Begin Message --- On Thu, Feb 15, 2024 at 07:20:51PM +0100, Dietmar Maurer wrote: > > The information gathered by the API call comes from the systemd > > journal. While 'Syslog' could be interpreted as a shorthand for > > "System Log", it's better to be explicit to avoid any confusion. > > > -

Re: [pve-devel] [PATCH manager] ui: node: system: avoid using 'Syslog'

--- Begin Message --- Just a small random addition to the rabbithole of the term syslog and that it has been source of confusion since long. There's yet another syslog, completely unrelated: # man 2 syslog: DESCRIPTION Note: Probably, you are looking for the C library function sy

Re: [pve-devel] [PATCH manager] ui: node: system: avoid using 'Syslog'

--- Begin Message --- Another random find today in man 8 rasdaemon [1], a post Syslogd-only era tool: > These trace events are logged in /sys/kernel/debug/tracing, reporting them > via syslog/journald. [1] https://manpages.debian.org/testing/rasdaemon/rasdaemon.8 On Fri, Feb 16, 2024 at 10:25:2