Re: Can I move the private key from one server to another?

From: Nico Kadel-Garcia (nkadel_at_comcast.net)
Date: 03/09/05


Date: Wed, 9 Mar 2005 07:04:44 -0500


"Neil W Rickert" <rickert+nn@cs.niu.edu> wrote in message
news:d0ldqn$h0v$1@usenet.cso.niu.edu...
> John Reese <john_reese@fin-rec.com> writes:
>
>>Is there any way to transport the old private key from the old machine to
>>the new machine? This must have come up before somewhere!
>
> I have done that. I just use "scp". I login to the new machine, not
> yet commissioned. Then I use scp to copy public and private host
> keys from the old machine. Then I restart sshd on the new machine, so
> that it will use the copied keys.
>
> By the time I commission it (give it the hostname and IP address
> of the system it is replacing), everything is set to go.
>
> On the other hand -- maybe it's good to replace keys occasionally,
> and to have a procedure for notifying users of a pending change.

In an environment with hundreds of users changing it, they'll kill you for
randomly changing it, especially if they're Linux/UNIX users who will have
to edit their known_hosts keys by hand.

It's easy enough to log into the new machine and scp the files from the
old machine: in RedHat, they're in /etc/ssh/*key*, and need to be copied
with ownership and permissions intact. (scp -p old-machine:/etc/ssh/*key*
/etc/ssh/. should work fine). Then restart the SSH daemon on the new
machine.
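
A post-copy check for the procedure described in this thread, as an added example that is not part of the original posts: it confirms that the copied host key files kept owner-only permissions and are byte-identical to the originals. The function names are hypothetical and GNU coreutils `stat -c` is assumed.

```shell
#!/bin/sh
# Added example: check SSH host keys after copying them to a replacement host.
# Assumes GNU coreutils stat (stat -c); function names are hypothetical.

# check_host_keys DIR [UID]
# Private keys must be owned by UID (default 0 = root) with no group/other
# access; public keys (*.pub) must not be group- or world-writable.
check_host_keys() {
    dir=$1; want_uid=${2:-0}; rc=0; found=0
    for f in "$dir"/*key*; do
        [ -f "$f" ] || continue
        found=1
        mode=$(stat -c '%a' "$f"); uid=$(stat -c '%u' "$f")
        if [ "$uid" != "$want_uid" ]; then
            echo "BAD owner uid=$uid (want $want_uid): $f" >&2; rc=1
        fi
        case $f in
            *.pub) mask=022 ;;   # public half: readable is fine, writable is not
            *)     mask=077 ;;   # private half: owner only
        esac
        if [ $(( 0$mode & $mask )) -ne 0 ]; then
            echo "BAD mode $mode: $f" >&2; rc=1
        fi
    done
    [ "$found" -eq 1 ] || { echo "no *key* files in $dir" >&2; return 2; }
    return "$rc"
}

# same_host_keys OLD_DIR NEW_DIR
# Succeeds only if every *key* file in OLD_DIR exists byte-identical in NEW_DIR,
# i.e. clients will see the same host key and known_hosts stays valid.
same_host_keys() {
    old=$1; new=$2; rc=0; found=0
    for f in "$old"/*key*; do
        [ -f "$f" ] || continue
        found=1
        name=$(basename "$f")
        if ! cmp -s "$f" "$new/$name"; then
            echo "MISSING or DIFFERENT on new host: $name" >&2; rc=1
        fi
    done
    [ "$found" -eq 1 ] || { echo "no *key* files in $old" >&2; return 2; }
    return "$rc"
}
```

Source the file and run `check_host_keys /etc/ssh` as root on the new machine before restarting the SSH daemon; a non-zero return means at least one key file needs its owner or mode corrected.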


