Empty (zero byte) SSH host keys


 



Hi,

We create virtual machine image templates by doing automated minimal
installations of different Linux distributions (via
preseed/kickstarter/autoyast). At the end of the installation, we
remove the SSH host keys (rm -f /etc/ssh/ssh*_key*). Fresh SSH host
keys will be generated on the first boot of the image instances. This
is done by adding a "dpkg-reconfigure openssh-server" call in
/etc/rc.local (which calls ssh-keygen) on Debian/Ubuntu and by the init
script of sshd on the other distributions.

This leads to a working SSH server running on the virtual machines most
of the time, but sometimes the SSH connection fails with "connection
reset by peer". The investigation of Debian 7 "wheezy" images showed
that these faulty machines have empty (zero byte) SSH host key files.
These files do not exist before the machines are started, but they do
exist before "dpkg-reconfigure openssh-server" is called.

So it seems that some process creates these empty SSH host key files.
Can you help to further debug this strange behavior? Does sshd
create SSH host keys?

-- 
Benjamin Drung
System Developer
Debian & Ubuntu Developer

ProfitBricks GmbH
Greifswalder Str. 207
D - 10405 Berlin

Email: benjamin.drung@xxxxxxxxxxxxxxxx
URL:  http://www.profitbricks.com

Registered office: Berlin.
Court of registration: Amtsgericht Charlottenburg, HRB 125506B.
Managing directors: Andreas Gauger, Achim Weiss.


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
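
A first-boot guard for the failure described in the message above, as an added example that is not part of the original post: it finds zero-byte private host keys and removes them together with their .pub files so that key generation starts from a clean state. The function names and the `--repair` switch are hypothetical, `/etc/ssh` is the directory named in the post, and the repair step assumes the installed ssh-keygen supports `-A`.

```shell
#!/bin/sh
# Added example, not from the original post.
# Hypothetical helper names; /etc/ssh is the path used in the post.

# Print each private host key file in directory $1 that exists
# but is zero bytes long (the state found on the faulty machines).
list_empty_host_keys() {
    for key in "$1"/ssh_host*_key; do
        # An unmatched glob stays literal and fails -f, so it is skipped.
        if [ -f "$key" ] && [ ! -s "$key" ]; then
            printf '%s\n' "$key"
        fi
    done
}

# Remove every empty private key together with its .pub file and
# print how many key pairs were removed. Non-empty keys are untouched,
# so a healthy host keeps its identity.
purge_empty_host_keys() {
    purged=0
    while IFS= read -r key; do
        # The here-document yields one blank line when nothing is empty.
        if [ -n "$key" ]; then
            rm -f -- "$key" "$key.pub"
            purged=$((purged + 1))
        fi
    done <<EOF
$(list_empty_host_keys "$1")
EOF
    printf '%s\n' "$purged"
}

# Stand-alone use, e.g. from /etc/rc.local: script.sh --repair
if [ "${1:-}" = "--repair" ]; then
    # Record the evidence first; it helps identify what created the files.
    list_empty_host_keys /etc/ssh | while IFS= read -r k; do ls -l "$k" >&2; done
    removed=$(purge_empty_host_keys /etc/ssh)
    # Assumption: ssh-keygen -A regenerates the missing default host keys.
    if [ "$removed" -gt 0 ]; then ssh-keygen -A; fi
fi
```

sshd has to be restarted after a repair so that it loads the regenerated keys.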



