On Tuesday 13 July 2010 18:37:21 Phil Meyer wrote: > When you copy over a .ssh directory, there are at least two things to > consider: > > 1. permissions. > $ scp -rp .ssh <target_host>: > > 2. do you really want your private key on the target system? Probably > all you wanted was to be able to login with ssh key authentication. To > do that, you should run: > $ ssh-copy-id <target_host>: > > If you allow your private key to reside on other systems, then that key > can be used against you quite easily. If only the public key is exposed > in authorized_keys, your account is as secure as it can be. > > Rule of thumb is: never expose a private key on a host with direct > internet access, like a web server. Use only one private key on your > desktop, and use ssh-copy-id to set up public keys for any remote ssh > access. > > If you want access to those servers from another system, like a laptop, > generate a new private key on the laptop and use ssh-copy-id again to > enable ssh access to the other systems. > > Good Luck! Hi Phil, I copied the server as I did because I want to new f13 virtual server to completely replace the old F8 physical server - hence the 1-for-1 copy. None of these machines are visible to the internet either so I don't have that risk to worry about. Having said that, I will read further into your suggestions. Gary -- Gary Stainburn This email does not contain private or confidential material as it may be snooped on by interested government parties for unknown and undisclosed purposes - Regulation of Investigatory Powers Act, 2000 -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
