[wellylug] ssh key

[David Antliff]

On Wed, 6 Oct 2004, Mark Signal wrote:
> It's no problem to shift over the ~/ssh/authorized_keys over but I'm stuck
> with the host id key. I've tried copying the key files in /etc/ssh/ from the
> old server to the new server but the connecting pc's still whinge about a
> changed (rsa) key fingerprint. What am I missing?

I'm not an expert on this, but it does raise a few questions for me. Is
this even possible to do transparently? I would have thought that changing
host would change the fingerprint, or is it possible to copy host
fingerprints?  Wouldn't this mean you could create two hosts with the same
fingerprint - as you are trying to do? Are the host keys entirely
self-contained or do they use something in the hardware to generate them,
e.g. NIC MAC address?

Or are they purely to prevent *simple* IP address spoofing attacks?

-- 
David.