Is it mandatory to generate host keys on the target host, or can they be generated on another host and transfer to thetarget host
Dan Kaminsky
dan at doxpara.com
Wed Nov 3 20:42:42 EST 2004
Patrice,
You can generate keys wherever you like; it's however considered
poor form cryptographically to transfer any private key. Exceptions are
generally only allowed when there's only very limited processor
resources on the host -- but then, why would you use SSH, which
generates short term RSA keys every couple of hours?
--Dan
Patrice.Gonthier at alcatel.fr wrote:
>Hello,
>
>My question in 2 words is the following:
>
>Is it mandatory to generate host keys on the target host, or can they be
> generated on another host and transfer to thetarget host ?
>
>
>If my question is not clear here is an example...
>
>
>I need to install host keys on a host server.
>
>I imagine the usual way is to launch the following command locally on the
>host server .
># ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""
>
>My question is:
>Is is possible to generate host keys on another host, and in a second step
>to install them on athe host server.
>
>Thank you by advance for your help ....
>
>Patrice
>
>
>
>
>
>
>_______________________________________________
>openssh-unix-dev mailing list
>openssh-unix-dev at mindrot.org
>http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>
More information about the openssh-unix-dev
mailing list