
Hello,

During the install, Tectia automatically created a hostkey. I looked at hostkey.pub and it says:

Comment: "1536-bit rsa,

I would like to create a new hostkey that is 4096-bit rsa. What would be the proper command to do this? Are there any special considerations... like permissions, or stopping the server before making the new host key? Will connections take longer with a larger key?

Thanks!

asked Apr 23 '14 at 10:33


Matt

edited Apr 23 '14 at 10:37


With the help of the Admin Manual, on the ssh server I ran the following command:

ssh-keygen-g3 -P -H -b 4096 -t rsa -c "4096 bit hostkey generated May 21 2014"

After running the above command I checked the /etc/ssh2 directory. The hostkey and hostkey.pub reflected new dates; the files were regenerated.

On the ssh server I then ran this command:

ssh-server-ctl reload

The response was:

Reconfiguration successful.

In my client's ~/.ssh/known_hosts file I removed the old entry. I then made a connection to the ssh server and got the expected authenticity message:

The authenticity of host '' can't be established.

RSA key fingerprint is 12:12:12:12:12:12:12:12:12:12:12:12:12:12:12:12:12

Are you sure you want to continue connecting (yes/no)? yes

This worked for me and my server now has a 4096 bit hostkey.

Some explanations of the above ssh-keygen-g3 command...

-P means no password

-H means that the hostkey will go in the default directory.

-b to specify the bit length

-t to set rsa or dsa

-c "comment" (If you add a comment make sure that you put quotes around it. If you don't you could get a key file for each word.)


answered May 22 '14 at 05:03


Matt

edited May 22 '14 at 05:03
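
A check that can follow the regeneration steps above, added here as an example and not part of the original answer: the comment set with -c is free text, so this reads the public key file itself and reports the real RSA modulus size and the MD5 colon-hex fingerprint to compare with the client prompt. It assumes hostkey.pub is in the SSH2 public key file format (RFC 4716), as its `Comment:` header suggests; the function names and the keys built by make_sample are constructed for illustration.

```python
import base64, hashlib, struct

def read_fields(blob):
    """Split an SSH wire-format blob into its length-prefixed fields."""
    fields, off = [], 0
    while off < len(blob):
        (size,) = struct.unpack(">I", blob[off:off + 4])
        off += 4
        if off + size > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[off:off + size])
        off += size
    return fields

def inspect_ssh2_pubkey(text):
    """Return (modulus bits, MD5 fingerprint) of an RSA key in SSH2 file format."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if not (lines[0].startswith("---- BEGIN SSH2 PUBLIC KEY")
            and lines[-1].startswith("---- END SSH2 PUBLIC KEY")):
        raise ValueError("not an SSH2 public key file")
    body, in_header = [], False
    for line in lines[1:-1]:
        # Headers are "Tag: value"; a trailing backslash continues them.
        if in_header or ":" in line:
            in_header = line.endswith("\\")
            continue
        body.append(line)
    blob = base64.b64decode("".join(body))
    fields = read_fields(blob)
    if len(fields) != 3 or fields[0] != b"ssh-rsa":
        raise ValueError("not an ssh-rsa key blob")
    bits = int.from_bytes(fields[2], "big").bit_length()  # fields: type, e, n
    digest = hashlib.md5(blob).hexdigest()  # form shown in the client prompt
    return bits, ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def make_sample(bits, comment):
    """Constructed sample: arbitrary odd modulus of the given size, not a usable key."""
    field = lambda b: struct.pack(">I", len(b)) + b
    mpint = lambda x: x.to_bytes(x.bit_length() // 8 + 1, "big")
    blob = field(b"ssh-rsa") + field(mpint(65537)) + field(mpint((1 << (bits - 1)) | 1))
    b64 = base64.b64encode(blob).decode()
    rows = [b64[i:i + 70] for i in range(0, len(b64), 70)]
    return "\n".join(["---- BEGIN SSH2 PUBLIC KEY ----", f'Comment: "{comment}"',
                      *rows, "---- END SSH2 PUBLIC KEY ----"])

if __name__ == "__main__":
    print(inspect_ssh2_pubkey(make_sample(1536, "4096 bit hostkey")))
    print(inspect_ssh2_pubkey(make_sample(4096, "4096 bit hostkey")))
```

To use it on a real server, pass the contents of the hostkey.pub file to inspect_ssh2_pubkey instead of a constructed sample.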


All user contributed content licensed under the cc-by-sa license.