From owner-freebsd-questions  Tue Apr 16  8:56:45 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from utility.clubscholarship.com (utility.clubscholarship.com [198.78.70.175])
	by hub.freebsd.org (Postfix) with ESMTP id B901637B405
	for <freebsd-questions@freebsd.org>; Tue, 16 Apr 2002 08:56:41 -0700 (PDT)
Received: from localhost (root@localhost)
	by utility.clubscholarship.com (8.11.6/8.11.6) with ESMTP id g3GFtlu95263
	for <freebsd-questions@freebsd.org>; Tue, 16 Apr 2002 08:55:47 -0700 (PDT)
	(envelope-from root@utility.clubscholarship.com)
Date: Tue, 16 Apr 2002 08:55:47 -0700 (PDT)
From: Patrick Thomas <root@utility.clubscholarship.com>
To: <freebsd-questions@freebsd.org>
Subject: getting new ssh keys for an exploded jail
Message-ID: <20020416085335.G95061-100000@utility.clubscholarship.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


Hi,

I am running a few (3-4) jails on a server, and instead of doing a `make
world`, etc., to create the jail, I just untar a filesystem that I have
for this purpose.

Works fine.

However, each untarred filesystem is exactly the same, which means each
one has the same private keys for ssh, etc. - again, sshd works fine, but
I think this is an improper setup - to have multiple hosts with the same
sshd keys.

What actions can I take on each jail, once they are running, but before I
give them to the test people, to make sshd as secure as it should be ?

thanks,

PT


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message