I need to upgrade my Tectia SSH server. Do I need to regenerate the hostkey? Is there any way I can use the existing hostkey?
asked Jan 12 '11 at 11:05
SSH KB ♦
In most cases, old hostkey is automatically taken in use after a server upgrade. On Windows, when upgrading from 4.x to a newer release, the file permissions need to be reset manually.
The hostkey is a server's identity and should be preserved when upgrading the server. If a hostkey changes, clients connecting to the server will be notified of a changed hostkey and the user is prompted to accept or deny the new key. Automated jobs may start failing if a hostkey is changed without updating the client side trusted keys.
When upgrading, in most cases the old host keys are automatically taken into use. However, on Windows platforms, when upgrading from version 4.x or older, the location and permissions of the host keys are changed. The installation program should copy the keys automatically to the new location, but the permissions need to be reset manually.
To fix the permissions on Windows, after upgrading from 4.x to 6.x, you need to go to the directory where the hostkeys are and reset the permissions using an administrator account:
> cd "C:\Program Files\SSH Communications Security\SSH Tectia\SSH Tectia Server" > ssh-keygen-g3 --set-hostkey-owner-and-dacl hostkey
answered Jan 12 '11 at 11:06
SSH KB ♦