[cfarm-users] Does gcc304 sync certificates?

Segher Boessenkool segher at kernel.crashing.org
Sat Mar 12 22:35:08 CET 2022

On Sat, Mar 12, 2022 at 02:28:07PM -0500, Jeffrey Walton via cfarm-users wrote:
> On Sat, Mar 12, 2022 at 2:24 PM Daniel Widdis via cfarm-users
> <cfarm-users at lists.tetaneutral.net> wrote:
> > ...
> > I’ve never been able to log into the macOS M1 machine, gcc304.  It asks for a password (which implies the certificate isn’t synced):
> It is probably the RSA key. OpenSSH made a change recently concerning
> RSA keys. Also see https://www.openssh.com/releasenotes.html.

RSA works just fine, please don't spread misinformation.  It is the only
key type that works on all hosts, too.

> Add an ecdsa or ed25519 key to your authorized_keys.

You should never edit authorized_keys on the cfarm; use the web
interface instead, it keeps things properly in synch.

Using elliptic curve keys is good for speed of course, on the hosts
where that works (only the speed to establish the connection, it isn't
used after that).


More information about the cfarm-users mailing list