Respecting cloning vm guests, I see in /etc/ssh the following: ssh_host_dsa_key ssh_host_dsa_key.pub ssh_host_key ssh_host_key.pub ssh_host_rsa_key ssh_host_rsa_key.pub Is there a simple script somewhere to regenerate all the server host keys for the new guest after cloning? -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
Hi James, depending on your use case: if you source is a template VM: just delete the keys prior to cloning in the source VM if you source is a production VM: just delete the keys after cloning on the newly cloned VM The keys will be regenerated on next startup of openssh if they're missing. am Mittwoch, 4. Januar 2012 um 20:08 schrieben Sie:> Respecting cloning vm guests, I see in /etc/ssh the > following:> ssh_host_dsa_key > ssh_host_dsa_key.pub > ssh_host_key > ssh_host_key.pub > ssh_host_rsa_key > ssh_host_rsa_key.pub> Is there a simple script somewhere to regenerate all the > server host keys for the new guest after cloning?-- Mit freundlichen Gr??en Thomas G?ttgens mailto:tgoettgens at gmail.com
On Wed, Jan 4, 2012 at 8:08 PM, James B. Byrne <byrnejb at harte-lyne.ca> wrote:> Respecting cloning vm guests, I see in /etc/ssh the > following: > > ssh_host_dsa_key > ssh_host_dsa_key.pub > ssh_host_key > ssh_host_key.pub > ssh_host_rsa_key > ssh_host_rsa_key.pub > > Is there a simple script somewhere to regenerate all the > server host keys for the new guest after cloning?Simple, just remove them and boot the server or restart sshd: # rm -f /etc/ssh/ssh_host*key*; /etc/init.d/sshd restart Stopping sshd: [ OK ] Generating SSH1 RSA host key: [ OK ] Generating SSH2 RSA host key: [ OK ] Generating SSH2 DSA host key: [ OK ] Starting sshd: [ OK ] -- Mikael Fridh
On Wed, January 4, 2012 14:08, James B. Byrne wrote:> Is there a simple script somewhere to regenerate all the > server host keys for the new guest after cloning?The init script /etc/rc.d/init.d/sshd handles it. I discover that simply removing the existing ssh keys from /etc/ssh and restarting the sshd service causes the host keys to be regenerated. Another step to add to post cloning housekeeping. -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3
Apparently Analagous Threads
- server host keys for kvm clones
- unexpected behaviour in OpenSSH_3.7.1
- [PATCH node-image] Add ability to set persistent ssh_host_keys on the node, usefull if you run diskless instance of ovirt-node
- Problem with sshd host key checking, for my own build with custom prefix
- question