Managing SSH host keys v23
TPA generates a set of SSH host keys while provisioning a cluster.
These keys are stored in the cluster directory, under the
subdirectory. These host keys are automatically installed into
/etc/ssh on AWS EC2 instances and Docker containers.
By default, these host keys are not installed on bare instances,
but you can set
manage_ssh_hostkeys to enable it:
You must initially set up
known_hosts in your cluster directory with
correct entries, as described in the docs for
bare instances. TPA will replace the host keys
The manage_ssh_hostkeys setting is meaningful only for bare instances.
The generated host keys will be installed on all other instances.
TPA will add entries for every host and its public host keys to the
ssh_known_hosts file on every instance in the cluster, so that
they can ssh to each other without host key verification prompts,
regardless of whether they have
manage_ssh_hostkeys set or not.
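One way to check that a known_hosts file carries the entries you expect before relying on it, as an added example (not TPA's own code): it compares each host's expected public key with the file's entries, including hashed host names, and reports a mismatch by the SHA256 fingerprint of the key actually found. The host names and key material are constructed for the example.

```python
import base64, hashlib, hmac, struct

def fingerprint(b64_blob):
    """SHA256 fingerprint of a public key blob, as `ssh-keygen -l` prints it."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_matches(field, host):
    """Match a known_hosts host field: plain names or hashed |1|salt|hash."""
    for pat in field.split(","):
        if pat.startswith("|1|"):
            _, _, salt, mac = pat.split("|")
            want = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
            if hmac.compare_digest(want, base64.b64decode(mac)):
                return True
        elif pat == host:  # wildcard and negated patterns are not handled
            return True
    return False

def check(known_hosts_text, expected):
    """expected maps host -> 'keytype base64 [comment]'; returns host -> status."""
    result = {}
    for host, pubkey in expected.items():
        ktype, blob = pubkey.split()[:2]
        result[host] = "missing"
        for line in known_hosts_text.splitlines():
            parts = line.split()
            if len(parts) < 3 or parts[0][0] in "#@":
                continue  # blanks, comments, @cert-authority/@revoked lines
            if host_matches(parts[0], host) and parts[1] == ktype:
                if parts[2] == blob:
                    result[host] = "ok"
                    break
                result[host] = "MISMATCH " + fingerprint(parts[2])
    return result

# Constructed sample data (not real host keys): ed25519 blobs built in place.
def _blob(raw32):
    wire = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw32
    return base64.b64encode(wire).decode()
KEY_A, KEY_B = _blob(b"\x01" * 32), _blob(b"\x02" * 32)
_salt = b"constructed-salt-20b"
_mac = hmac.new(_salt, b"node-c", hashlib.sha1).digest()
HASHED = "|1|%s|%s" % (base64.b64encode(_salt).decode(), base64.b64encode(_mac).decode())
SAMPLE = "\n".join(["# constructed known_hosts", "node-a,10.0.0.1 ssh-ed25519 " + KEY_A,
                    "node-b ssh-ed25519 " + KEY_B, HASHED + " ssh-ed25519 " + KEY_A])
EXPECTED = {h: "ssh-ed25519 " + KEY_A for h in ("node-a", "node-b", "node-c", "node-d")}

if __name__ == "__main__":
    print(check(SAMPLE, EXPECTED))
```

A "MISMATCH" result means the file pins a different key of the same type for that host, which is the case to resolve before the first connection rather than by accepting a prompt.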