Generating custom public/private keys

Brian Hatch secureshell at ifokr.org
Sat Jan 26 04:03:25 EST 2002



> This may not be the run of the mill, but does anyone have any idea how to 
> create keys that will work with the text I want in them.  The reason I'd 
> like to do this is that if a computer on the network has to be replaced due 
> to a fault on it, I'd like to be able to just put the new key on the box 
> without having to regenerate using ssh-keygen the keys for the entire 
> network it is on.  Basically I'd like to make the keys set, instead of 
> random.

If a single machine dies, you need to bring in new hardware or
reinstall as appropriate.  Then copy the old version of the server
keys (/etc/ssh_host_key* or /etc/ssh/ssh_host_key*) from your backups.
No need to change anything on the network, the host key won't have
changed from the appearance of the clients, etc.

If the machine died because it was rooted, then I'd definitely
*NOT* use old keys, you should generate new ones.

--
Brian Hatch                  Quantum Mechanics:
   Systems and                The dreams stuff
   Security Engineer          is made of.
http://www.ifokr.org/bri/

Every message PGP signed
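
Added example, not part of the original message: a shell function for the hardware-failure case above that copies backed-up host keys into place with safe permissions and checks each public key against a client's known_hosts file. The function name, its arguments and the MATCH/DIFF/SKIP output are assumptions of this example, and it assumes protocol 2 public key files of the form "keytype base64 [comment]".

```sh
#!/bin/sh
# Added example: restore SSH host keys from a backup and confirm that
# clients will see the same host key. All paths are passed as arguments.
# Assumes OpenSSH public key files: "keytype base64 [comment]".

# restore_host_keys BACKUP_DIR DEST_DIR [KNOWN_HOSTS]
# Runs in a subshell so the umask change does not leak to the caller.
restore_host_keys() (
    backup=$1 dest=$2 known=${3:-}
    status=0
    umask 077                      # never create a private key world-readable
    for priv in "$backup"/ssh_host_*key; do
        [ -f "$priv" ] || continue
        name=$(basename "$priv")
        if [ ! -f "$priv.pub" ]; then
            echo "SKIP  $name: no matching .pub in backup" >&2
            status=1
            continue
        fi
        cp "$priv" "$dest/$name"
        cp "$priv.pub" "$dest/$name.pub"
        chmod 600 "$dest/$name"    # sshd refuses private keys readable by others
        chmod 644 "$dest/$name.pub"

        [ -n "$known" ] || continue
        # Compare key type and base64 blob with a client's known_hosts
        # (line format: "hosts keytype base64 [comment]").
        read -r ktype kblob rest < "$dest/$name.pub" || :
        if awk -v t="$ktype" -v b="$kblob" \
               '$2 == t && $3 == b { ok = 1 } END { exit !ok }' "$known"; then
            echo "MATCH $name: clients already trust this key"
        else
            echo "DIFF  $name: not in $known, clients will warn" >&2
            status=1
        fi
    done
    exit "$status"
)
```

A non-zero return means at least one key had no .pub in the backup or was not found in the supplied known_hosts file.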