SSH Key rotation to remote servers

167 admin September 20, 2023 Migration & Maintenance, Security Features 8547

How to rotate the Ezeelogin key pair from Gateway to remote servers?

The generated private key would be encrypted and cannot be retrieved.

1. To generate the new 4192-bit key pair in the Ezeelogin jump host installation, run the following command on the gateway server first.

The maximum supported private key size would be 4192 bits.

root@gateway ~]# /usr/local/ezlogin/eztool.php -regenerate_ssh_key

2. Run the highlighted command using the parallel shell so as to copy the new public key to all servers. The idea would be to copy the newly generated public key to /root/.ssh/authorized_keys on the remote servers.

####################################

# Ezeelogin Tool #

####################################

Checking environment... done

Checking license... done

Enter Ezeelogin administrator password: admin1234

Regenerate SSH key pair...

- New SSH key pair generated. Execute the following command on all remote servers using parallel shell feature to add the new public key in authorized keys:

echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEaoCRxkhNdOrZk6olp+eh1RmVjrlHDHZmDyFkkNZnfZS/KXQAFPMtL3lJ9F7H4H498FQdU7wyFJLd+m00SjaYoolNx2VdhJzaBAfmqVx4Nt7wgech37wWN/NmYsFRgSC3HyZlgLycUQlcahwCp+rGJNEcjHMdmqlgX+hLFo1pXl498m5fvDXu8POga7Kq39wpURzy9gtzJyJYmHN8583qWWF4nduTy6S4ts/vd5qZVqfdky7BgqL6yMDzNId0sr1Hp90kQRbBP0wUoZ7iQ1GbtSUQmA/YBMy47OOjps86PhMR/LDqRb0a6NGvP2cpFHbGkumVECdSMuLTS8ncWUarad+yG3l3atFCwW6TxoMVNKMcqr+sAlCWzeLf87np0Ghtk1Cvy+Qxy0EzlLeX6YSYelnnnwLsBGi1kmkTmefoE3WH41yYOd4WAGA67hEgCIVQOCT+1A0Weg23SBGQUCYQbV9vII/8HDF2PFK7UJuCSO2c7lpeNE69LyZbMIvH5KeH3EMng6ljlpCOGv6xMo3Y0Qfh6bMI5GIrFBW1YMqKw36Fyer5LtsP1p3kh4Ye+tTnpGemvlXsTVABVDLFHII1MKlWAWKqDAllV74ocAd7vg5MOaaSGO+jACae8GaSF48JZ23cCElV2VF7AkMudFgHCb1h5/29y/ATTzZkIFilow== ezlogin' >> ~/.ssh/authorized_keys

You should execute the above command on all remote servers using the parallel shell feature to add the new public key in authorized keys and Wait for the parallel shell execution to complete before pressing any key to return to the command line.

After it is done, press enter key to continue...

3. Wait for the parallel shell execution to complete before pressing any key to return to the command line. This will ensure that the new public_key is copied across all servers.

4. You can view the updated global key under Servers -> Global key

2 people found this article helpful what about you?