Archive for 'CF-Engine' Category

Starting & stopping CF-Engine

By jbayer - Last updated: Wednesday, January 15, 2014

We are slowly implementing CF-Engine 3 in our environment.  Inevitably, there are occasionally problems on specific systems.  Sometimes we need to disable CF-Engine while debugging since the files that are being worked on are maintained by CF-Engine and would be overwritten during the debugging process. We also put a line in to /etc/cron.d/cfengine to restart […]


SSH known_hosts Management with CFEngine

By jbayer - Last updated: Thursday, October 10, 2013

For small sites, a changed Secure Shell (SSH) host key poses only minor problems, as only a few systems might be affected. At larger sites, the host key data should be maintained with configuration management, so that any SSH host key changes can be propogated throughout the site. CFEngine can maintain a global ssh_known_hosts file for OpenSSH. Host Key Collection with ssh-keyscan The […]