[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: deleted the /root/.ssh folder - what should I do for for recovering the keys



On 12/22/2009 02:13 PM, Chris Smart wrote:
2009/12/22 Mark Ryden<markryde gmail com>:
Hello,
 I have a machine on which I deleted the /root/.ssh folder;


You might be able to recover them with tools like photorec from the
testdisk package. When you delete something it's not zeroed out, so
unless you write over that part of the disk again the data should be
recoverable.

Failing that, if you have physical access to the box then it shouldn't
be too hard to log in locally and copy over the new keys. If someone
else has root access on the boxes (even via su -) then you could do it
that way too.

You must also make sure that the authorized_keys or authorized_keys2
file(s) on the destination machine have 644 (rw-r--r--) or 600
(rw-------) permissions or the destination will continue to ask for
passwords.  sshd requires that "group" and "other" write attributes be
disabled on those files.

By default, sshd wants "~/.ssh/authorized_keys".  You can change that
in the /etc/ssh/ssd_config file on the destination system, then restart
sshd on the destination.

----------------------------------------------------------------------
- Rick Stevens, Systems Engineer                      ricks nerd com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-            Beware of programmers who carry screwdrivers            -
----------------------------------------------------------------------


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]