IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Update host SSH public keys on the server during client install.

Browse Source 
This is done by calling host-mod to update the keys on IPA server and nsupdate
to update DNS SSHFP records. DNS update can be disabled using --no-dns-sshfp
ipa-client-install option.

https://fedorahosted.org/freeipa/ticket/1634
This commit is contained in:
Jan Cholasta
2011-12-07 03:40:51 -05:00
committed by Rob Crittenden
parent 9b6649a1ce
commit c34f5fbc88
7 changed files with 86 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ipaserver/install/bindinstance.py
View File

@@ -185,7 +185,7 @@ def read_reverse_zone(default, ip_address):
def add_zone(name, zonemgr=None, dns_backup=None, ns_hostname=None, ns_ip_address=None,
update_policy=None):
if update_policy is None:
update_policy = "grant %(realm)s krb5-self * A; grant %(realm)s krb5-self * AAAA;" % dict(realm=api.env.realm)
update_policy = "grant %(realm)s krb5-self * A; grant %(realm)s krb5-self * AAAA; grant %(realm)s krb5-self * SSHFP;" % dict(realm=api.env.realm)
if zonemgr is None:
zonemgr = 'hostmaster.%s' % name