Identical host keys!

From: felixc (felixc_at_clarkson.edu)
Date: 06/03/03

    To: secureshell@securityfocus.com
    Date: Tue, 3 Jun 2003 10:28:17 -0400
    
    
    I have compiled OpenSSH (and all its dependencies) from source.  They are stored in AFS and are shared by several machines.  We created a tarball of the contents of the /etc/ssh directory and distribute that to each target machine.  (The tarball contains login_banner, moduli, ssh_config, ssh_known_hosts, ssh_prng_cmds, sshd_config.)  We set up sshd so that it starts on boot (in rc3.d) and generate new keys for each machine. 
     
    Then, we use ssh-keyscan to grab the public host keys for each machine (to put them into a central repository).  However, I noticed that all of the host keys returned by ssh-keyscan are identical.  However, if you hop onto each box and look at the /etc/ssh/ssh_host_key files, they are all different. 
     
    What could be the source of my problem here?  I know that it can't be secure to have 3-4 dozen boxes with identical host keys.  What can I do to fix this?
     
    Thanks for your help,
     
    Felix Cat
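
One way to check a batch of ssh-keyscan results for the condition described in this message, as an added example that is not part of the original post: it groups the scan output by key material and lists every key that more than one host is serving. The function names, hostnames and key strings are constructed for illustration, and `hosts.txt` is a hypothetical host list.

```shell
#!/bin/sh
# Added example (not from the original post): group ssh-keyscan output by key
# material and report every key that more than one host is serving.
# Line formats handled:
#   SSH2: host keytype base64-key
#   SSH1: host bits exponent modulus

dup_hostkeys() {
    # Reads ssh-keyscan output on stdin. Prints "type count host1 host2 ..."
    # for each shared key; returns 1 if any key is shared, 0 otherwise.
    dups=$(awk '
        $1 ~ /^#/ || NF < 3 { next }           # skip comments and short lines
        {
            key = $2                            # key = every field after the host
            for (i = 3; i <= NF; i++) key = key " " $i
            if (seen[$1, key]++) next           # same host listed twice
            kt[key] = ($2 ~ /^[0-9]+$/) ? "rsa1" : $2
            if (key in hosts) hosts[key] = hosts[key] " " $1
            else hosts[key] = $1
            n[key]++
        }
        END {
            for (k in n) if (n[k] > 1) print kt[k], n[k], hosts[k]
        }' | LC_ALL=C sort)
    [ -z "$dups" ] && return 0
    printf '%s\n' "$dups"
    return 1
}

sample_scan() {
    # Constructed sample input; hostnames and key strings are made up.
    cat <<'EOF'
hosta.example.org ssh-rsa AAAAB3NzaC1yc2EAAAAconstructedKEY1
hostb.example.org ssh-rsa AAAAB3NzaC1yc2EAAAAconstructedKEY1
hostc.example.org ssh-rsa AAAAB3NzaC1yc2EAAAAconstructedKEY2
hostd.example.org 1024 35 1234567890123
hoste.example.org 1024 35 1234567890123
hostf.example.org 1024 35 9876543210987
EOF
}

# With real data: ssh-keyscan -t rsa -f hosts.txt 2>/dev/null | dup_hostkeys
sample_scan | dup_hostkeys || echo "identical host keys found" >&2
```

Because the input is what each sshd actually presents on the wire, a shared key shows up here even when the key files on each machine's disk differ.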
