Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: backup procedure

from [Robert Hajime Lanning] Network Security [Permanent Link]
Subject: Re: backup procedure
Date: Thu, 23 Dec 2004 09:55:17 -0800 
It will work just fine.  There is nothing the locks a configuration or key
pair  to a specific host.


On Tue, 21 Dec 2004 17:43:50 -0800 (PST), Alvin Oga
<alvin.sec@virtual.linux-consulting.com> wrote:


hi ya


Can I move the /etc/ssh/* files to the new server? The new machine will
have the same configuration and the same server name on the DNS but it's
own actual hostname (we'll do some dns link magic behind the scene)


if ssh is done properly ... they will know the server has changed

        - if you want to hide the fact that the server has changed,
        than, you'd basically break one of the "secure features" of ssh
        that you, as the user, know that the next time you connect
        to www.foo.com, that its not what you're expecting

if you move  old:/etc/ssh/* files to new:/etc/ssh files
        than the "new" machine will and can pretend to be just
        like the "old" machine and other machines might not
        know that "new" has hijacked the "old" machine

        - but i claim, that "new" host should NOT even be able
        to use the old ssh host files

- try it and see what happens ..

c ya
alvin




-- 
END OF LINE
       -MCP
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  hostbase auth, Arno A. Karner
Next by Date:  ssh connection incredibly low, Sabrina Lautier
Previous by Thread:  Re: backup procedure, Alvin Oga
Next by Thread:  Chroot User Environment, David E. Meier
Indexes:  [Date] [Thread] [Top] [All Lists]