SSHbase is a bcfg2 plugin for managing ssh host keys. It is responsible for making ssh keys persist beyond a client rebuild and building a consistent ssh_known_hosts file including all the ssh keys and deploying it across all the systems bcfg2 manages.

SSHbase has two basic functions:

• to generate ssh host keys; if a system has not a key in the repository, it will be generated on its first check-in
• to maintain a consistent ssh_known_hosts file, and deploy it to all systems. This will include all the public keys in the repository.

Read the rest of this entry »