Re: Host keys after cloning
From: Greg Wooledge (wooledg_at_eeg.ccf.org)
Date: 08/27/04
- Previous message: Ugo Bellavance: "Host keys after cloning"
- In reply to: Ugo Bellavance: "Host keys after cloning"
- Next in thread: Leif Ericksen: "Re: Host keys after cloning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 27 Aug 2004 07:37:33 -0400 To: Ugo Bellavance <ugob@camo-route.com>
On Thu, Aug 26, 2004 at 02:56:26PM -0400, Ugo Bellavance wrote:
> I just cloned a server to save install time, but now I realize that
> the ssh host key is the same for every server. That makes sense since I
> cloned them, but I was wondering if that was insecure, and how to
> regenerate them.
1) Yes, it's generally a bad idea to use the same host keys on different
hosts, unless you're running them as a cluster.
2) Delete the old host keys, and then regenerate them thus:
ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""
ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N ""
ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N ""
(Substitute the proper directory, of course, if yours aren't in
/usr/local/etc.)
- Previous message: Ugo Bellavance: "Host keys after cloning"
- In reply to: Ugo Bellavance: "Host keys after cloning"
- Next in thread: Leif Ericksen: "Re: Host keys after cloning"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
