A migration script is installed with Reflection for Secure IT, which you can use to migrate settings configured using any of the following products:
The migration script is installed to:
/etc/ssh2/migrate.sh
The script examines your configuration files to determine if setting changes are required. If changes are needed, you are prompted to confirm that you want to apply these changes. After you confirm the migration, new configuration files are created with the required updates along with backups of your original files. All operations are detailed in the script’s output and log files. The log files document which settings have been migrated and which cannot be migrated. Log files are created in the same directory as the converted file and have names based on the converted filename (for example, sshd2_config_migration.log).
To migrate global configuration files
NOTE:When you run the migration script with no arguments, it migrates files located in the/etc/ssh2 directory. If /etc/ssh2/sshd2_config and /etc/ssh2/ssh2_config contain non-default settings, you are asked if you want to migrate these files. If these settings contain default values (which is the expected state after you uninstall the prior version and then install the current version), the script looks for the most recent backup files (for example *.rpmsave, *.save or *.backup) and asks if you want to migrate settings in the backup files.
Log in as root.
Uninstall the prior version.
Install the new version.
Run the migration script with no arguments:
/etc/ssh2/migrate.sh
Respond to the prompts.
Review the migrated settings and the migration log and, where required, merge settings from the migrated backup files into sshd2_config and ssh2_config.
To migrate a user configuration file
Log in as root.
Run the migration script and specify the file you want to migrate. For example:
/etc/ssh2/migrate.sh client ~/.ssh2/ssh2_config
To migrate PKI settings
You can use the following procedure to migrate certificate settings if Reflection PKI Services Manager is installed on a computer that has Reflection for Secure IT 6.x or F-Secure configuration files.
Log in as root.
Use pkid with the -m option to migrate settings from your prior version configuration files. For example:
To migrate PKI settings in sshd2_config and ssh2_config files located in /etc/ssh2/ and migrate these settings to pki_config and pki_map files in the PKI Services Manager configuration folder:
/usr/local/sbin/pkid -m /etc/ssh2/
To migrate PKI settings in sshd2_config.backup and create new PKI Services Manager configuration files in the specified output directory:
/usr/local/sbin/pkid -b /output/path/ -m /etc/ssh2/sshd2_config.backupReview the migration log, which is created in the logs directory located in the PKI Services Manager data directory On UNIX: /opt/attachmate/pkid or /opt/microfocus/pkid. On Windows: \ProgramData\Attachmate\ReflectionPKI\ or \ProgramData\Micro Focus\ReflectionPKI\. . (By default, this log records at a level of "info". The level can be elevated using -d.)
NOTE:If the pki_config file in the destination folder already has a trust anchor configured, no migration occurs. This helps ensure that the migration won't overwrite modifications you have already configured.