Re: Problem with using same dsa hostkeys on 2 different machines, one of which is backup

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 03/26/04


Date: Fri, 26 Mar 2004 05:50:47 +0000 (UTC)

In article <a9de1686.0403252047.69c4887@posting.google.com>,
Kapil <kapiltj@yahoo.com> wrote:
>I generate the host dsa key pair on one computer. Then I copy the
>public and private keys to another computer which is to serve as a
>backup to this one. So it will have the same ip address and domain
>name if the active one goes down.
>When I connect to the active from a client computer, it gives no error
>since the host keys are known.
>
>Now after rebooting the active, the backup takes over. Now when trying
>to ssh to it I get the unknown host key error. When removing the known
>host key and trying again the client box gets the new public key which
>is very different than what is stored on the backup computer (which is
>essentially the same as the one on active). Could some one please let
>me know why this is happening?
>How is the client getting a different key? Can it even know it is a
>different hardware that it is talking to?

When sshd is installed on each system, a set of "host keys" is generated, and
the host keys are different between your main system and your backup system.
When you connect to the backup server, your SSH client notices that the keys
have changed and gives that error.

The easiest way to resolve it is to copy the host keys from your primary
system to the backup (for OpenSSH these are /usr/local/etc/ssh*key*).

>P.S. Please try and cc me.

If you ask here then read it here.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
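The client-side check Darren describes, written out as an added Python example that is not part of this thread or of OpenSSH: it parses a known_hosts file (plain or hashed hostnames), compares the key a server presents against the stored one, and computes the SHA256 fingerprint in the form ssh-keygen -lf prints. The hostname, address and key bytes below are constructed placeholders, not real keys.

```python
import base64
import hashlib
import hmac
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode one SSH wire-format string: uint32 big-endian length + bytes."""
    return struct.pack(">I", len(data)) + data


def make_ed25519_blob(raw_key: bytes) -> bytes:
    """Build an ssh-ed25519 public key blob from 32 raw bytes (constructed data)."""
    assert len(raw_key) == 32
    return ssh_string(b"ssh-ed25519") + ssh_string(raw_key)


def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint: base64(sha256(blob)) without '=' padding."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def hash_hostname(host: str, salt: bytes) -> str:
    """Hashed hostname field as written with HashKnownHosts yes:
    |1|base64(salt)|base64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|" + base64.b64encode(salt).decode() + "|" + base64.b64encode(mac).decode()


def known_hosts_line(field: str, key_type: str, blob: bytes) -> str:
    """Format one known_hosts line: <hostnames-or-hash> <type> <base64 blob>."""
    return f"{field} {key_type} {base64.b64encode(blob).decode()}\n"


def hostname_matches(field: str, host: str) -> bool:
    """Match a known_hosts hostname field (comma-separated or hashed) against host."""
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|", 3)
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(mac_b64)
        actual = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(expected, actual)
    return host in field.split(",")


def check_host_key(known_hosts: str, host: str, key_type: str, presented_blob: bytes) -> str:
    """Return 'ok' if known_hosts holds exactly this key for host, 'changed' if it
    holds a different key of the same type (the error Kapil saw), 'unknown' if
    there is no entry for this host and key type at all."""
    result = "unknown"
    for line in known_hosts.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) < 3:
            continue
        field, ktype, key_b64 = parts[0], parts[1], parts[2]
        if ktype != key_type or not hostname_matches(field, host):
            continue
        if base64.b64decode(key_b64) == presented_blob:
            return "ok"
        result = "changed"
    return result


# Constructed sample data: the primary's key is in known_hosts, the backup
# still has a freshly generated key of its own (the situation in the thread).
PRIMARY_BLOB = make_ed25519_blob(bytes([0x11]) * 32)
BACKUP_BLOB = make_ed25519_blob(bytes([0x22]) * 32)
KNOWN_HOSTS = known_hosts_line("myserver.example,192.0.2.10", "ssh-ed25519", PRIMARY_BLOB)

if __name__ == "__main__":
    for name, blob in (("primary", PRIMARY_BLOB), ("backup", BACKUP_BLOB)):
        verdict = check_host_key(KNOWN_HOSTS, "myserver.example", "ssh-ed25519", blob)
        print(f"{name}: {fingerprint(blob)} -> {verdict}")
```

After copying the key files to the backup, the same comparison on the real machines is `ssh-keygen -lf` on each host key file on both systems; the fingerprints must be identical before the backup takes over the primary's name and address.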

