Amongst other things: If someone compromises one of your servers and obtains the host private key, theoretically they could then impersonate/man-in-the-middle any one of your cloned machines and you or other users using SSH to connect to the server would not detect the change. In other words, you are opening all of your cloned machines to unnecessary risk.

Duncan Ball

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of North, Walter
Sent: Thursday, 20 December 2007 7:28 AM
To: 'secureshell@xxxxxxxxxxxxxxxxx'
Subject: Host Key question

Recently I have been installing systems with master images. And seeing as how openssh was installed on the master, it gets installed on the image. And the host keys are the same.

This does not seem to impair communication, but I wonder, is there a security implication to having this happen?

Thanks in Advance.

-----------------------------------------------------
Walter North 406-444-2914
Computer System Engineer
wnorth (at) mt (dot) gov
-----------------------------------------------------