Regenerate DSA/RSA keys

Mr. Chow Wing Siu

Apr 25, 2012, 10:29:26 PM
Hi all,

I am running Solaris 11 on a VM and will clone it to another.
It'll be renamed and have another IP address. Now, I would like
to know how to regenerate DSA/RSA keys properly in Solaris:

/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_dsa_key.pub
/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_rsa_key.pub

Thank you.

--
Johnson Chow

John D Groenveld

Apr 26, 2012, 12:15:30 AM
In article <jnabu6$2kg2$1...@net44p.hkbu.edu.hk>,
Mr. Chow Wing Siu <Johnso...@Comp.HKBU.Edu.HK> wrote:
>I am running Solaris 11 on a VM and will clone it to another.
>It'll be renamed and have another IP address. Now, I would like
>to know how to regenerate DSA/RSA keys properly in Solaris:

/lib/svc/method/sshd -u
/lib/svc/method/sshd -c

John
groe...@acm.org

Ron

Apr 26, 2012, 2:23:32 PM
On Apr 25, 7:29 pm, "Mr. Chow Wing Siu" <wsc...@Comp.HKBU.Edu.HK>
wrote:
You really only need one type of key - rsa.

ssh-keygen -t rsa

If you want dsa also:

ssh-keygen -t dsa

In both cases you will be asked for a passphrase (password) or enter
for none.
A blank passphrase is a bad idea. Also, don't use your UNIX login
password as the passphrase.

If you are using central authentication such as NIS or LDAP, copy
~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys.

Then type ssh-add and enter your passphrase when prompted. Then ssh
hostname and you are in with a password.
The ssh key lasts for the duration of the session.

I use the following in my .profile when I log in (actually it's in
my .kshrc file)

# Load the ssh agent into memory, send the PID to /dev/null
eval `ssh-agent` > /dev/null
# Now just run ssh-add to load the ssh keys into the same shell

I use the following in .profile when I close the session (log out).

# Kill the ssh agent when the shell exits
trap '
test -n "$SSH_AGENT_PID" && eval `ssh-agent -k` ;
test -n "$SSH_AGENT_PID" && kill $SSH_AGENT_PID
' 0

Have fun. ssh is great.

Ron

hume.sp...@bofh.ca

Apr 26, 2012, 2:30:55 PM
Ron <rdhal...@gmail.com> wrote:
> If you are using central authentication such as NIS or LDAP, copy
> ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys.

The original post was how to regenerate the *host* keys for the system.
He's using an existing machine as a clone template and needs to change
the per-system specific stuff, like IP addresses and the host keys.

Your instructions aren't terribly relevant.

--
Brandon Hume - hume -> BOFH.Ca, http://WWW.BOFH.Ca/

Ron

Apr 27, 2012, 3:16:43 PM
On Apr 26, 11:30 am, hume.spamfil...@bofh.ca wrote:
Brandon, you are right, I misread the OP's question. I found this on
the net:

Generating Host Keys:

To re-generate your host keys use this command:
# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key

This will re-generate the dsa keys for your host. To re-generate the
rsa keys, use the same command like this:
# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

This will generate a key pair for your system.

Ron
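
The host-key regeneration asked about in this thread, as an added example that is not part of any post: a shell function that replaces the key pairs under a directory non-interactively and checks that each public key actually changed from the template's. The function name `regen_host_keys` and the `svcadm restart ssh` step in the closing comment are assumptions; the keys are created with an empty passphrase (`-N ''`) because sshd has to load host keys unattended.

```shell
#!/bin/sh
# Added example: regenerate SSH host keys on a cloned system.
# Usage: regen_host_keys DIR TYPE...   (e.g. /etc/ssh rsa dsa)
regen_host_keys() {
    dir=$1; shift
    for t in "$@"; do
        key="$dir/ssh_host_${t}_key"
        old=""
        # Remember the template's public key so we can prove it changed.
        [ -f "$key.pub" ] && old=$(awk '{print $2}' "$key.pub")
        # Remove both halves first: ssh-keygen prompts before overwriting.
        rm -f "$key" "$key.pub"
        # -N '' sets no passphrase; sshd must read host keys unattended.
        ssh-keygen -q -t "$t" -N '' -f "$key" || return 1
        # Private key readable by the owner only, public key world-readable.
        chmod 600 "$key" && chmod 644 "$key.pub" || return 1
        new=$(awk '{print $2}' "$key.pub")
        if [ -n "$old" ] && [ "$old" = "$new" ]; then
            echo "ERROR: $t host key is unchanged from the template" >&2
            return 1
        fi
        # Print the new fingerprint so it can be given to clients out of band.
        ssh-keygen -l -f "$key.pub"
    done
}

# On the clone, as root (assumed service name, not run here):
#   regen_host_keys /etc/ssh rsa dsa && svcadm restart ssh
```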