I have more question.
In message <[EMAIL PROTECTED]>
"Re: question about updating from SSH1"
"Dave Dykstra <[EMAIL PROTECTED]>" wrote:
> > I have a question about upgrading to OpenSSH.
> > Now,I'm using ssh1.2.26 on Solaris 2.6-sparc,but I want to update
> > my ssh environment for caring security.I couldn't get information
> > for them on archive of this mail-list and FAQ.
> >
> > My question are..
> > 1.Can I use my old keyfile for OpenSSH 2.5.2p2.
> > If I chose this way,what kind of problem occur on my environment?
>
> Should work fine for protocol 1.
I understood that I must use new key if I want to use protocol 2 .
But I can use fine old keys for authentication of protocol 1 .
Is it correct , my understanding?
> > 2.Can I use my old authorized_key file and known_hosts on other machine?
> > If I chose this way,what kind of problem occur on my environment?
>
> There is a problem in that some keys generated by ssh1.2.26 are actually
> 1023 bits even though it was reporting them to be 1024 bits. See
> http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=99438723227424&w=2
I understood that If I use old keys I will have got a message of "HOST IDENTIFICATION
HAS CHANGED".
Is it correct ,my understanding?
> > and Can I use SSH2 authorization on this environment?
>
> Only by generating a new key and using authorized_keys2 and known_hosts2,
> although it looks like the current OpenSSH in CVS supports both kinds of
> keys in authorized_keys and known_hosts.
I understood that
file of authorized_keys and known_hosts are for protocol1
and file of authorized_keys2 and knwon_hosts2 are for protocol2
but currect OpenSSH in CVS support all files.
Is it correct ,my understanding?
----
t-nozawa
