Patrice.Gonthier at alcatel.fr
2004-Nov-03 09:05 UTC
Is it mandatory to generate host keys on the target host, or can they be generated on another host and transferred to the target host
Hello,

My question in 2 words is the following:

Is it mandatory to generate host keys on the target host, or can they be generated on another host and transferred to the target host?

If my question is not clear, here is an example...

I need to install host keys on a host server.

I imagine the usual way is to launch the following command locally on the host server.
# ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""

My question is:
Is it possible to generate host keys on another host, and in a second step to install them on the host server?

Thank you in advance for your help ....

Patrice
Dan Kaminsky
2004-Nov-03 09:42 UTC
Is it mandatory to generate host keys on the target host, or can they be generated on another host and transferred to the target host
Patrice,

You can generate keys wherever you like; it's however considered poor form cryptographically to transfer any private key. Exceptions are generally only allowed when there's only very limited processor resources on the host -- but then, why would you use SSH, which generates short term RSA keys every couple of hours?

--Dan

Patrice.Gonthier at alcatel.fr wrote:
>Hello,
>
>My question in 2 words is the following:
>
>Is it mandatory to generate host keys on the target host, or can they be
>generated on another host and transferred to the target host?
>
>If my question is not clear, here is an example...
>
>I need to install host keys on a host server.
>
>I imagine the usual way is to launch the following command locally on the
>host server.
># ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""
>
>My question is:
>Is it possible to generate host keys on another host, and in a second step
>to install them on the host server?
>
>Thank you in advance for your help ....
>
>Patrice
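
The workflow discussed in this thread, as an added example that is not from either poster or from the OpenSSH project: generate the host key in a private staging directory, record its fingerprint, and after installation confirm that the installed private key yields the same fingerprint before deleting the staged copy. Assumptions: ed25519 is used instead of the thread's rsa1 (an SSH protocol 1 key type that OpenSSH has since dropped), the function names and directory arguments are hypothetical, and a local copy stands in for whatever protected channel carries the key to the target host.

```shell
#!/bin/sh
# Added example: stage an SSH host key off-host, then verify the installed copy.
# Function names and directory arguments are hypothetical.

KEY=ssh_host_ed25519_key

# Generate a key pair in a private staging directory and print its fingerprint.
stage_host_key() {
    stage=$1
    # Refuse to overwrite: an existing key may already be trusted by clients.
    if [ -e "$stage/$KEY" ]; then
        echo "refusing to overwrite $stage/$KEY" >&2
        return 1
    fi
    ( umask 077                      # staging directory is created mode 0700
      mkdir -p "$stage" &&
      ssh-keygen -q -t ed25519 -N "" -C "staged-host-key" -f "$stage/$KEY"
    ) || return 1
    ssh-keygen -l -f "$stage/$KEY.pub" | awk '{print $2}'
}

# Install the staged pair into dest and check what actually landed there.
# The copy below stands in for the transfer to the target host.
install_host_key() {
    stage=$1 dest=$2 expected=$3
    install -m 600 "$stage/$KEY" "$dest/$KEY" &&
    install -m 644 "$stage/$KEY.pub" "$dest/$KEY.pub" || return 1
    # Derive the public key from the installed PRIVATE key and fingerprint it,
    # so a swapped or truncated private key is caught, not just a stale .pub.
    actual=$(ssh-keygen -y -f "$dest/$KEY" | ssh-keygen -l -f - | awk '{print $2}')
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch: got $actual, expected $expected" >&2
        rm -f "$dest/$KEY" "$dest/$KEY.pub"
        return 1
    fi
    # The private key should now exist on the target only.
    rm -f "$stage/$KEY"
}
```

The fingerprint printed by `stage_host_key` is also the value to hand to clients for checking the server on first connection.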