[Systems] weak keys, backup

Bernie Innocenti bernie at codewiz.org
Fri Nov 27 15:53:05 EST 2009


On Fri, 2009-11-27 at 14:50 +0100, Sascha Silbe wrote:
> On Fri, Nov 27, 2009 at 06:37:08AM -0500, Cron Daemon wrote:
> 
> > run-parts: /etc/cron.daily/check_sshkeys exited with return code 1
> Fails because grep returns 1 (=> non-zero => error) when no output 
> occurs (which is good in our case). I'd suggest to add "|| true" to
> the script since in the "failure" case (i.e. weak keys found) we're 
> interested in the output (which gets mailed by cron), not an error
> code.

Done.  Thanks for catching it.


> > /etc/cron.daily/system-full-backup:
> > Host key authenticity could not be verified (missing known_hosts 
> > entry?)
> > Running 'sftp  -oServerAliveInterval=15 -oServerAliveCountMax=1 
> > sugarbackup at backup.sugarlabs.org' failed (attempt #1)
> 
> What's up with backup.sugarlabs.org? Has it been reinstalled (without 
> transferring the old ssh host key)?

No, the hostname changed (used to be swan.laptop.org). I fixed it by
ssh-ing manually to sugarbackup at backup.sugarlabs.org.

I think we should consider using monkeysphere.

-- 
   // Bernie Innocenti - http://codewiz.org/
 \X/  Sugar Labs       - http://sugarlabs.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.sugarlabs.org/private/systems/attachments/20091127/f933c8dd/attachment.pgp 


More information about the Systems mailing list