I have 3 OpenSSH servers and I want to have only one.
I have created a new server, and migrated all the accounts/data from the other 3 onto the new server.
I now intend to update the DNS records for the 3 existing servers so that they point to the IP address of the new server.
However, when clients who connected to any of the older servers now connect to the new server, they are going to get an error, as the server key in their known hosts file is going to differ from the server key issued by the new server.
I can move the server key from one server to the new server, so that there are no issues with one of the three, but there are still going to be problems with the other two.
I had thought about attaching 2 extra IP addresses to the new server, and running 3 separate SSH daemons on it, with different server keys, but I'd really like to avoid this.
Has anyone got any other suggestions?
You can move all the keys from all the servers to the one and modify sshd_config to list all of them (option HostKey). Then the server should offer all the keys.

Also, depending on the OpenSSH version (if you are above 6.8), the clients will pick up all the keys when connecting and after some time you might remove the old ones.
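A sketch of the HostKey step from the answer above, added here as an example and not part of the original answer: it emits one HostKey directive per migrated key pair and counts keys per algorithm, since several old hosts sharing one key type is the case worth testing from a client after cut-over. The directory /etc/ssh/migrated and the `<oldhost>_ssh_host_<type>_key` file naming are assumptions.

```shell
#!/bin/sh
# Added example. Assumed (hypothetical) layout for keys copied from the old servers:
#   /etc/ssh/migrated/<oldhost>_ssh_host_<type>_key       private key
#   /etc/ssh/migrated/<oldhost>_ssh_host_<type>_key.pub   public key

# Print one "HostKey <private key path>" line per complete key pair in $1.
hostkey_directives() {
    dir=$1
    for pub in "$dir"/*_key.pub; do
        [ -f "$pub" ] || continue
        priv=${pub%.pub}
        # sshd needs the private half; a lone .pub file was copied incompletely.
        if [ ! -f "$priv" ]; then
            echo "# skipped: no private key for $pub"
            continue
        fi
        echo "HostKey $priv"
    done
}

# Print "<count> <algorithm>" per key algorithm in $1.
# The algorithm name is the first field of an OpenSSH public key file.
keys_per_algorithm() {
    dir=$1
    for pub in "$dir"/*_key.pub; do
        [ -f "$pub" ] || continue
        [ -f "${pub%.pub}" ] || continue
        cut -d' ' -f1 "$pub" | head -n 1
    done | sort | uniq -c | awk '{print $1, $2}'
}

# Typical use (run as root on the new server):
#   hostkey_directives /etc/ssh/migrated >> /etc/ssh/sshd_config
#   keys_per_algorithm /etc/ssh/migrated
```

After appending the directives, `sshd -t` checks the configuration and key files before the daemon is reloaded.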