On Fri, Nov 29, 2013 at 4:13 PM, Carl Hartung <opensuse(a)cehartung.com> wrote:
This background information is too ambiguous. Has the
upgraded and not the OS? What OS version is presently installed on the
old machine? Was it installed 'fresh' or has there been an upgrade path?
The old hardware is still running but very aged. It has come a long
way from many previous OpenSuSE versions to currently still at 11.0
The new hardware is running with clean install of 12.3 64bit
When you actually swap the machines out, you can
assign the new machine
the same hostname as the original, can't you? I'm not saying this is
necessary, but if it can be done, why not do it?
Yes I can of course try swapping out the things, but I kind of want to
have new fresh current config files at least (with their respective
security settings that probably the old system doesnt have,
AllowRootLogin and or similar) without me needing to remove all
deprecated stuff manually or adding the new default stuff manually.
So thats why I would like to use the old machine keys on the new
system, this would describe my needs probably best I think. Maybe just
keeping the new "ecdsa" files on the new machine and transport the old
other host key files over, would do best for me I suppose.
Maybe I am also remembering the install times of OpenSuSE where it
also says with what kind of hashing algorithm the local passwords are
being saved (currently SHA512), but this is probably a different
story, and I wonder how secure safe or long and hard the old sshd host
keys were when they got created back then, compared to the keys in the
new 12.3 vanilla install. I would like to have best of both worlds,
keeping the warnings and changes to end-users to a minimum (ssh
warnings and alert such as fingerprint or key changed and
mand-in-the-middle-attack), but still having a good situation
regarding security settings.
To unsubscribe, e-mail: opensuse+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse+owner(a)opensuse.org