Red Hat Bugzilla – Bug 1461582
12.1 ESTABLISHING A SECURE CONNECTION FOR REMOTE COMMANDS
Last modified: 2018-02-05 09:56:50 EST
Document URL: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/host_configuration_guide/chap-host_configuration_guide-running_remote_jobs_on_satellite_hosts
Section Number and Name: DISTRIBUTING THE SSH KEYS FOR REMOTE EXECUTION
Describe the issue: The text suggests we use "ssh-copy-id -i ~foreman-proxy/.ssh/id_rsa_foreman_proxy.pub email@example.com" to distribute the key to client machines. When ssh-copy-id exits it suggests that the success of the command be evaluated by immediately initiating a ssh connection to the same host.
Suggestions for improvement: The only problem with the above is that what is suggested by ssh-copy-id is the wrong test.
This is the correct test:
"ssh -i ~foreman-proxy/.ssh/id_rsa_foreman_proxy firstname.lastname@example.org"
We should add some verbiage into this section that clarifies the issue.
It looks like it has already been fixed by the 6.3 docs:
To distribute keys manually, execute the following command on the Capsule:
<screen># ssh-copy-id -i ~foreman-proxy/.ssh/id_rsa_foreman_proxy.pub <replaceable>email@example.com</replaceable></screen>
Here <replaceable>target.example.com</replaceable> is the host name of the target host. Repeat for each target host you want to manage.
Let me know if that works for you
I'm not sure if this fixes it or not.
The ssh-copy-id command returns text to the screen when it completes. This text is a suggestion of a command the user may use to test (evaluate) whether the ssh-copy-id command they just ran was successful. It's that text that is wrong for our purposes. Does this fix in the docs make that clear?
I can add a section after the copy-id to test if the key works run your command, would that work?
Nevermind I will go with that it makes sense for a good test ignore comment #3 clearing the needinfo.
Merge request opened:
Russell can you do a review and merge please if it looks good :)