How to change the private key in use and change the default public key in use?

  1. To generate the new 4192 bit key pair in the Ezeelogin jumphost installation, run the following command on the gateway server first.

/usr/local/ezlogin/eztool.php -regenerate_ssh_key

      2. Run the highlighted command using parallel shell so as to copy the new public key to all servers. The idea would be to copy the newly generated public key to /root/.ssh/authorized_keys on the remote servers.

                   _             _     

  ___ _______  ___| | ___   __ _(_)_ __ 

/ _ \_  / _ \/ _ \ |/ _ \ / _` | | '_ \

|  __// /  __/  __/ | (_) | (_| | | | | |

\___/___\___|\___|_|\___/ \__, |_|_| |_|

                           |___/

 

 

####################################

# Ezeelogin Enterprise Tool        #

####################################

 

Checking environment... done

Checking license... done

 

Enter Ezeelogin administrator password: admin1234

Regenerate SSH key pair...

- New SSH key pair generated. Execute the following command on all remote servers using parallel shell feature to add the new public key in authorized keys:

echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEaoCRxkhNdOrZk6olp+eh1RmVjrlHDHZmDyFkkNZnfZS/KXQAFPMtL3lJ9F7H4H498FQdU7wyFJLd+m00SjaYoolNx2VdhJzaBAfmqVx4Nt7wgech37wWN/NmYsFRgSC3HyZlgLycUQlcahwCp+rGJNEcjHMdmqlgX+hLFo1pXl498m5fvDXu8POga7Kq39wpURzy9gtzJyJYmHN8583qWWF4nduTy6S4ts/vd5qZVqfdky7BgqL6yMDzNId0sr1Hp90kQRbBP0wUoZ7iQ1GbtSUQmA/YBMy47OOjps86PhMR/LDqRb0a6NGvP2cpFHbGkumVECdSMuLTS8ncWUarad+yG3l3atFCwW6TxoMVNKMcqr+sAlCWzeLf87np0Ghtk1Cvy+Qxy0EzlLeX6YSYelnnnwLsBGi1kmkTmefoE3WH41yYOd4WAGA67hEgCIVQOCT+1A0Weg23SBGQUCYQbV9vII/8HDF2PFK7UJuCSO2c7lpeNE69LyZbMIvH5KeH3EMng6ljlpCOGv6xMo3Y0Qfh6bMI5GIrFBW1YMqKw36Fyer5LtsP1p3kh4Ye+tTnpGemvlXsTVABVDLFHII1MKlWAWKqDAllV74ocAd7vg5MOaaSGO+jACae8GaSF48JZ23cCElV2VF7AkMudFgHCb1h5/29y/ATTzZkIFilow== ezlogin' >> ~/.ssh/authorized_keys

 

After it is done, press enter key to continue...

  Wait for the parallel shell execution to complete before pressing any key  to return to command line. This will ensure that the new public_key is copied across all servers.


3.  Within the Webpanel, you will see the new Public key of length 4192  bits.  In the backend, the file would be /usr/local/etc/ezlogin/id_key.pub

 

rotate key pair


4. Click "Setup SSH key on all server" to ensure that the newly generated public key is verified across all servers and the old public key removed.

setup-ssh-keys

 

0 (0)
Article Rating (No Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    Configure four eyes authorization
    Viewed 1394 times since Fri, Dec 1, 2017
    Record ssh sessions
    Viewed 1701 times since Fri, May 4, 2018
    How to enforce 2 Factor Authentication on user login?
    Viewed 638 times since Wed, Sep 19, 2018
    How to ensure that ssh jump host users are not using previous password set to meet security compliances such as PCI DSS , SOX, HIPAA , NIST , MAS, SOC2, FFIEC, NERC CIP , ISO 27001
    Viewed 885 times since Wed, Feb 28, 2018
    How do i uninstall ezeelogin?
    Viewed 1461 times since Wed, Jun 14, 2017
    Can I use Google 2FA, Yubikey , DUO simultaneously?
    Viewed 1955 times since Thu, Dec 14, 2017
    how to create a complete backup of ezeelogin installation?
    Viewed 1304 times since Thu, Jun 15, 2017
    Enable Google reCaptcha
    Viewed 162 times since Fri, Feb 1, 2019
    Configure ssh timeout in ssh gateway
    Viewed 1713 times since Fri, Dec 1, 2017
    How to enable google 2FA (Two factor Authentication) in ezeelogin ?
    Viewed 2154 times since Mon, Oct 9, 2017