I'd even go beyond what Alan said, since I don't treat any system or network as "trusted." Deleting the keys on the source system should be all you need to do for new clones. Deleting them from the existing guests and restarting sshd will be enough for the rest. People who have already accessed those guests will get a nastygram from their client after that, so they need to be informed of the change.
Mark Post >>> Lee Stewart <[email protected]> 7/16/2012 9:03:09 AM >>> I'd never thought about it before, but a customer pointed out that when you clone a system, each Linux clone has the same Host RSA key fingerprint as it's master. I can't think of anything that would cause a problem with. On the other hand, if they wanted to regenerate the keys, does it take more than erasing the current keys and restarting sshd? Any thoughts? Lee -- Lee Stewart, Senior SE Sirius Computer Solutions Phone: (303) 996-7122 Email: [email protected] Web: www.siriuscom.com ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
