Balbir Singh
asked on
How to create a cluster of ssh servers?
Is there a way we can configure a cluster of ssh server? I am trying to keep 5 ssh server behind a load balancer or create a cluster out of it. then later to stateful failover if anyone of the backend goes down.
I would really appreciate on suggestion on any way to achieve it. TIA
I would really appreciate on suggestion on any way to achieve it. TIA
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
When I try to put the same hostkey in all ssh-server and when I ssh then I get error saying this host key is bound to another IP. How can I resolv it?
I just want user not to get warning or MITM error when they get the same host key from other IP as my domain myhost.com will resolve to multiple IP addresses and when someone login they every time they may get new IP with same hostkey.
myhost.com,xx.xx.xx.xx ecdsa-sha2-nistp256 AAAAE0VjZHNhLXNoYTIhbmlzdHAyNTYAAAAIbmlzdHAyN3YAAABBBGictWp/32RZ2qsaBP5uc6xym0sH/73/ZedmjAvkiHslYllFIO8S9NCkuOYyOTDht9Zai4ZX3N6tOGi3AkC4Bk8=
I just want user not to get warning or MITM error when they get the same host key from other IP as my domain myhost.com will resolve to multiple IP addresses and when someone login they every time they may get new IP with same hostkey.
The only way you can resolve this is by ignoring these errors, as keys pin to IPs.
All your ssh commands must include the ignore option...
Which will usually clear this up.
All your ssh commands must include the ignore option...
ssh -o StrictHostKeyChecking=no
Which will usually clear this up.
There is no way to... create a cluster of stateful sshd instances, as this violates then entire premise of sshd... which specifically tracks all sorts of key/IP relationships, which is why you get a passphrase prompt anytime you attempt moving to a new machine down a string of sshd connections.
Mention why.
Describe what you're trying to accomplish or what problem you're trying to solve.