How Exactly Are SSH Keys Generated

Tags: mac-osx, ssh-keys

Saw a question on Twitter about moving the current SSH keys to the same machine after a new installation.

This raised my curiosity and I asked myself how they are made. I understand the process of generating a key and the difference between the private and public.

Logically I assume that the keys are generated at random and have nothing to do with the hardware/OS (besides the last line with the user/computer) they are on.

Thanks for any insight. I always enjoy learning how things "tick".

Best Answer

SSH uses pre-generated public and private keys. Once generated, these keys are stored for future use. The content of the keys should not be related to the hardware or OS, but does depend on the random numbers they provide.

There are various formats used to transport the keys. If you move from one platform to another you may need to change the key format. PuTTY uses a different format than OpenSSH, but there are tools for both to convert the format.

The private key should rarely need to be transported. If it is, it must be kept secure. Public keys are freely distributable, and are automatically exchanged during the connection. Usually known keys are stored so that the verification dialog is not required on subsequent connections.

I generally generate new keys for new devices as this is more secure. It does require re-establishing trust relationships. Copying the old keys may allow the transfer of trust. Sometimes the trust includes other information such as hostname and/or IP address preventing the transfer of trust.

An existing known host list can be transferred. This allows you to transfer the list of devices you trust. This does not guarantee they will trust you.
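The answer above makes two points that are easy to check by hand: the identity of a key is its random key material, not the machine it lives on, and a known_hosts entry ties a host name to that same key material. The following Python is an added example, not code from the original post; it builds OpenSSH-style public-key lines from constructed placeholder bytes (not real Ed25519 curve points, which parsing and fingerprinting never validate), parses them back field by field, and computes the SHA256 fingerprint the way `ssh-keygen -l` does. The host names and `alice@...` comments are made up for the demonstration. Changing the trailing comment does not change the fingerprint; changing the key bytes does, and a host key has the same fingerprint whichever host names it is stored under.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH 'string' (RFC 4251: 4-byte big-endian length + bytes)."""
    return struct.pack(">I", len(data)) + data


def parse_ssh_strings(blob: bytes) -> list:
    """Split an SSH wire blob into its length-prefixed fields, rejecting truncation."""
    fields = []
    offset = 0
    while offset < len(blob):
        if offset + 4 > len(blob):
            raise ValueError("truncated length field")
        (n,) = struct.unpack(">I", blob[offset:offset + 4])
        offset += 4
        if offset + n > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[offset:offset + n])
        offset += n
    return fields


def parse_authorized_key_line(line: str) -> dict:
    """Parse one OpenSSH public-key line: '<type> <base64 blob> [comment]'."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) == 3 else ""
    blob = base64.b64decode(b64, validate=True)
    fields = parse_ssh_strings(blob)
    # The type name is repeated inside the blob; the two must agree.
    if not fields or fields[0].decode("ascii") != key_type:
        raise ValueError("type prefix does not match type inside blob")
    return {"type": key_type, "blob": blob, "fields": fields, "comment": comment}


def parse_known_hosts_line(line: str) -> dict:
    """Parse one plain known_hosts line: '<host[,host...]> <type> <base64> [comment]'.
    Hashed entries ('|1|...') and '@' markers are deliberately not handled here."""
    hosts, rest = line.strip().split(None, 1)
    key = parse_authorized_key_line(rest)
    key["hosts"] = hosts.split(",")
    return key


def fingerprint_sha256(blob: bytes) -> str:
    """Same as `ssh-keygen -l -E sha256`: SHA-256 of the blob, base64 without '=' padding.
    Only the blob is hashed; the comment and any host names are not part of it."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


def fingerprint_of_line(line: str) -> str:
    return fingerprint_sha256(parse_authorized_key_line(line)["blob"])


def make_ed25519_pubkey_line(pub_bytes: bytes, comment: str) -> str:
    """Build an OpenSSH public-key line from 32 raw public-key bytes."""
    if len(pub_bytes) != 32:
        raise ValueError("Ed25519 public key is 32 bytes")
    blob = ssh_string(b"ssh-ed25519") + ssh_string(pub_bytes)
    line = "ssh-ed25519 " + base64.b64encode(blob).decode("ascii")
    return line + (" " + comment if comment else "")


# Constructed placeholder key material (NOT real Ed25519 points): parsing and
# fingerprinting do not validate the curve point, so any 32 bytes will do.
PUB_A = bytes(range(32))
PUB_B = bytes(range(1, 33))

# Constructed sample lines: same key with two comments, and a different key.
LINE_OLD_MACHINE = make_ed25519_pubkey_line(PUB_A, "alice@old-mac")
LINE_NEW_MACHINE = make_ed25519_pubkey_line(PUB_A, "alice@new-mac")
LINE_OTHER_KEY = make_ed25519_pubkey_line(PUB_B, "alice@old-mac")

# Constructed known_hosts entry: one host key stored under two names.
KNOWN_HOSTS_LINE = "server.example.com,10.0.0.5 " + make_ed25519_pubkey_line(PUB_B, "")


if __name__ == "__main__":
    for line in (LINE_OLD_MACHINE, LINE_NEW_MACHINE, LINE_OTHER_KEY):
        k = parse_authorized_key_line(line)
        print(f"{k['type']:12} {fingerprint_sha256(k['blob'])}  comment={k['comment']!r}")
    h = parse_known_hosts_line(KNOWN_HOSTS_LINE)
    print(f"known_hosts {h['hosts']} -> {fingerprint_sha256(h['blob'])}")
```

Running it prints identical fingerprints for the first two lines and a different one for the third, and the known_hosts entry resolves to the same fingerprint as the third line regardless of the host names in front of it. To compare with a real key, run `ssh-keygen -l -E sha256 -f ~/.ssh/id_ed25519.pub` and feed the same line to `fingerprint_of_line`.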
