[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] SSH host keys for the new machine?

From: Bob Proulx
Subject: Re: [Savannah-hackers-public] SSH host keys for the new machine?
Date: Fri, 4 Nov 2016 15:00:59 -0600
User-agent: NeoMutt/20161014 (1.7.1)

John Sullivan wrote:
> Personally, I vote for option #3, because it will reduce the number of
> variables in debugging the inevitable problems that will appear in the
> transition.

Thanks for commenting!  (I will note that there was an additional
private comment.)

Not hearing any dissenting opinions I am executing option 3.

> > Option 3: Do we use the old keys now through the transition but switch
> > to the new host keys soon after completing the migration?  Soon being
> > 1-2 weeks.  This would keep the immediate disruption minimized.  It
> > would allow us to back out of the switch, briefly return to the
> > previous hosts if problems were found, without thrashing users.

Done.  The old host keys have been cloned onto the new machines.

Note that for users such as those of us already working on the new
systems we will have recorded in our known_hosts the newer and now
preferred ecdsa-sha2-nistp256 keys rather than the previous ssh-rsa
keys.  Therefore those of us working already will be nicely surprised
not to see a thrash to our own known_hosts files. :-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]