Next: Scenario E, Previous: Scenario C, Up: Troubleshooting [Contents][Index]
In this section we change the collection’s SSH keys pair.
# su MDTX-COLL $ ssh-keygen -t rsa The key fingerprint is: NEW_FINGERPRINT
Since ssh 7.4 the fingerprint is displayed into sha256 sum. mediatex is still using the md5 sum.
$ ssh-keygen -l -Emd5 -f ~MDTX-COLL/.ssh/id_rsa.pub \ | awk '{print $2'} | cut -d: -f2- | sed -e 's/://g' NEW_FINGERPRINT
This public key is shared and used by servers to identify themselves under the collection context, and to perform remote copies.
(slave)# scp ~/MDTX-COLL/.ssh/id_rsa.pub MASTER:PATH (master)$ mediatex add key PATH to coll COLL (slave)$ mediatex upgrade
Next you should edit /etc/mediatex/mdtx-COLL/servers.txt file so as to remove the oldest server stanza (matching OLD_FINGERPRINT).
$ vi /etc/mediatex/mdtx-COLL/servers.txt <<< master OLD_FINGERPRINT … Server OLD_FINGERPRINT --- master NEW_FINGERPRINT … Server NEW_FINGERPRINT >>> $ mediatex upgrade
Both remote copies and socket’s connections will fails until the target server automatically upgrade (via CRON) and then get the new public key of the source server.
Local keys are updated into /etc/mediatex/mdtx.conf by $ mediatex upgrade
, but not by $ mediatex upgrade coll COLL
.