Generate new SSH Host keys

crypto7541 · 02-08-2024, 11:58 PM

Hi,

After the fresh installation, and patching the server for the purpose of Virtual Template.
If I create a new VMs from this template, There will be same host keys for all virtual servers.

Can we create new keys for the template VM, so the new VM shall have different keys and how to generate the new keys for existing VMs that have duplicate keys.?

Thanks,

Turbocapitalist · 02-09-2024, 03:00 AM

Have your VM creation script call ssh-keygen towards the end. From within the VM, the directory /etc/ssh/ will be used. Pre-existing SSH host keys have to be deleted, but be careful not to delete anything else.

Code:

ssh-keygen -a 17 -A

Again, don't run that inside your host, just inside the guest. If you have to run it from within the host, then mount the image and point to the relevant directory using the -f option:

Code:

ssh-keygen -a 17 -A -f /mnt

The -f would cause ssh-keygen to put the new host keys in /mnt/etc/ssh/

See "man ssh-keygen" about the -A option.

Which distro is this for, including version?

crypto7541 · 02-09-2024, 05:00 AM

Thank you for helping.

I am using Oracle Linux 8.8, after running the command and matched the values/content of the files it were same, so it seems that it didn't make any changes.

Turbocapitalist · 02-09-2024, 05:03 AM

Quote:

Originally Posted by crypto7541

I am using Oracle Linux 8.8, ...

Thanks.

As mentioned, you have to delete the old keys yourself. The -A option won't overwrite them.