HPE Community
Operating System - HP-UX
1820644 Members
2182 Online
109626 Solutions
New Discussion юеВ

Re: re-generating ssh host keys

 
SOLVED
Go to solution
Michael O'brien_1
Regular Advisor

тАО04-12-2007 04:06 AM

тАО04-12-2007 04:06 AM

re-generating ssh host keys

Hi,

I've recently cloned a box using ignite. I would now like to regenerate the host keys in /etc/opt/ssh/ssh_host*

Can anybody tell me how to re-generate the host keys

Thanks
Michael
0 Kudos
Reply
10 REPLIES 10
Sundar_7
Honored Contributor

тАО04-12-2007 04:07 AM

тАО04-12-2007 04:07 AM

Re: re-generating ssh host keys

ssh-keygen -t dsa

Will do.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Michael O'brien_1
Regular Advisor

тАО04-12-2007 04:20 AM

тАО04-12-2007 04:20 AM

Re: re-generating ssh host keys

Hi Sundar,

I need to re-generate the host keys rather than user keys. When I run the ssh-keygen -t dsa, this will promote me to create the ./ssh/id_dsa rather than /etc/opt/ssh/ssh_host_key

Thanks
Michael
0 Kudos
Reply
Sameer_Nirmal
Honored Contributor

тАО04-12-2007 05:04 AM

тАО04-12-2007 05:04 AM

Re: re-generating ssh host keys

Remove the existing host/pub (rsa/dsa) keys.
Generate ssh host keys using as per your requirements.

# ssh-keygen -t (rsa/dsa) -f /etc/opt/ssh/ssh_host_{rsa/dsa}_key -N ''
0 Kudos
Reply
Sameer_Nirmal
Honored Contributor

тАО04-12-2007 05:07 AM

тАО04-12-2007 05:07 AM

Re: re-generating ssh host keys

Note there is a space between the two quotation marks afer -N

This is because host key generation requires a null new passphrase.
0 Kudos
Reply
Michael O'brien_1
Regular Advisor

тАО04-12-2007 05:17 AM

тАО04-12-2007 05:17 AM

Re: re-generating ssh host keys

Hi Sameer,

Thanks for the reply, I'm okay with generating the ssh_host_rsa_key and ssh_host_dsa_key. In the /etc/opt/ssh directory it has 3 sets of keys

ssh_host_rsa_key
ssh_host_dsa_key
ssh_host_key

How do you generate the ssh_host_key

Thanks
Michael
0 Kudos
Reply
Sundar_7
Honored Contributor

тАО04-12-2007 05:17 AM

тАО04-12-2007 05:17 AM

Re: re-generating ssh host keys

Michael,

ssh-keygen can be used to create both user's and hosts' SSH keys.

You can specific the file name /etc/opt/ssh/ssh_host* in the prompt.

That will create the SSH key for the host.

Sundar.
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
Sundar_7
Honored Contributor

тАО04-12-2007 05:21 AM

тАО04-12-2007 05:21 AM

Solution

Re: re-generating ssh host keys

Michael,

By default only /opt/ssh/etc/ssh_host_dsa_key is used.

Verify your SSH server configuration.

# grep "HostKey" /etc/opt/ssh/sshd_config

Sundar.
Learn What to do ,How to do and more importantly When to do ?
Reply
Sameer_Nirmal
Honored Contributor

тАО04-12-2007 05:39 AM

тАО04-12-2007 05:39 AM

Re: re-generating ssh host keys

Using following command, you can create the key.

# ssh-keygen -f /etc/opt/ssh/ssh_host_key -N ''
Reply
Steven E. Protter
Exalted Contributor

тАО04-12-2007 05:48 AM

тАО04-12-2007 05:48 AM

Re: re-generating ssh host keys

Shalom Michael,

ssh-keygen -t rsa

Generates a smaller key file.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Heironimus
Honored Contributor

тАО04-12-2007 07:38 AM

тАО04-12-2007 07:38 AM

Re: re-generating ssh host keys

ssh_host_key is the ssh1 RSA key. You can create those with "ssh-keygen -t rsa1".
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.