[BlueOnyx:27225] Re: Easy Migrate issue

Greggk greggk at gmail.com
Wed Aug 28 15:14:49 -05 2024 

>
>
>
> On the server that you want to migrate to (in your case: the 5211R)
> login as "admin" to the GUI. Go to "Personal Profile" / "Server Access".
>
> There should be sliders for "SSH Keys" and "PEM Certificates". Flip at
> least the one for "SSH Keys" to on (it'll turn green if on) and save the
> changes. After a minute or less this will have generated
> /root/.ssh/id_rsa (your private SSH key) and /root/.ssh/id_rsa.pub (your
> public SSH key).
>
> You could also do this on the command line (as root) instead and the
> command for this would be:
>
> ssh-keygen -t rsa -b 8192
>
> That does the same and you just confirm all suggested configurations by
> hitting return until it's done. This creates /root/.ssh/id_rsa (your
> private SSH key) and /root/.ssh/id_rsa.pub (your public SSH key) and
> uses 8192 bits for best security.
>
> Once this is done via GUI or CLI, you can run ...
>
> ssh-copy-id root@<migration-source>
>
> ... and that will add your SSH public key /root/.ssh/id_rsa.pub to the
> file /root/.ssh/authorized_keys on the 5208R.
>
> This then allows you to SSH directly as root from the 5211R to the
> migration source (the 5208R) without having to enter the password every
> time.
>
> Easy-Migrate needs this to make things simple. You can then run
> Easy-Migrate on the 5211R and it should be able to connect to the 5208R
> just fine.
>
> Ok, so this did work, however I had to create a tmp openssl.cnf file which
allows for the sha1 since it was giving me errors.
To upload the key I did
    OPENSSL_CONF=/var/tmp/openssl.cnf ssh-copy-id root at migration-source
Which copied just fine, then to connect to the server again I have to use
    OPENSSL_CONF=/var/tmp/openssl.cnf ssh 'root at migration-source'
which again worked nicely.
My question is, do I have to change the easy migrate scripts at all to
account for this OPENSSL_CONF?
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20240828/12aad5b7/attachment-0001.html>

More information about the Blueonyx mailing list