Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

Moving the Console - PUBKEY.CRT

Created: 27 May 2006 • Updated: 21 May 2010 | 2 comments

I just successfully moved the Ghost Console from one machine to another, but I'm having the problem where none of my client machines are seeing the Ghost Server. However, if I delete the PUBKEY.CRT on the client machine and then restart the Ghost Client service, the Ghost Server can see the client again. Unfortunately, some of the client machines have 5 or 6 different images used for QA/testing purposes. Am I going to have to restore each image and then delete the .CRT file and then update the image?

Uggh...I've got about 40 different images!

I thought about just deleting the .CRT file right from the images using Ghost Explorer, but all my images are NTFS.

Somebody please tell me I'm overlooking something!

Thanks.

Peter Lucas

Discussion Filed Under:

Comments 2 CommentsJump to latest comment

Peter Lucas's picture

D'oh!

I figured it out.

Copy the pubkey.crt and privkey.crt from the original server and put it on the new server!

Balrob's picture

Don't copy the privkey.crt file anywhere (except to a Console backup).

The privkey/pubkey pair are part of the security apparatus of the Ghost Console and are generated automatically when the Console is installed. When a Ghost Client is installed it receives a copy of the public key from the Console. Using these certificates, a Client can authenticate the Console and thus ensure that only the designated Console can take control of a Client.
If you copy the private key to all the clients, then any user on the network can take that file and create a duplicate Console - which the clients will not be able to distingiush from the authorised Console (i.e havoc would ensue). So, keep the private key safe & secure on your designated Console only.