On Apr 15, 2010, at 9:52 AM, Jacobo García wrote:
I’m thinking making a recipe that generates a ssh key on every client
for the shell user that runs chef-client (root in my case), so when
chef-client tries to pull the repo.
This is what you refer?
You’ll also need the server key in the client’s known_hosts file.
Note that you might find it more manageable to have the same
on all the client machines…
I have a recipe which creates the same
on all the machines that pull from the same repo. Which in my
case is github.
But, yes different keys everywhere would be more secure.