In the old cluster, we had an NFS shared /etc/ssh-keys/$you file that you could read/write. The NFS share is gone and the Source of Truth for the keys is now our LDAP server instead.

OpenSSH has deprecated old/weak/broken keys and protocols and the FreeBSD project tracked these changes. As a temporary grace period (where "temporary" was about one year), we relaxed the allowed protocols on the cluster to include the deprecated keys/protocols for certain systems. As was explained in your developers@ email, if you relied on old keys, you must update them. If you ignored the email, then .... You still have time to recover.

How does one update them?




clusteradm/ssh-keys (last edited 2017-11-06T04:12:13+0000 by PeterWemm)