On Wed, 6 Jan 2016, Benjamin Drung wrote: > Hi, > > We create virtual machine image templates by doing automated minimal > installations of different Linux distributions (via > preseed/kickstarter/autoyast). At the end of the installation, we > remove the SSH host keys (rm -f /etc/ssh/ssh*_key*). Fresh SSH host > keys will be generated on the first boot of the image instances. This > is done by adding a "dpkg-reconfigure openssh-server" call in > /etc/rc.local (which calls ssh-keygen) on Debian/Ubuntu and by the init > script of sshd on the other distributions. > > This leads to working SSH server running on the virtual machines most > of the times, but sometimes the SSH connection fails with "connection > reset by peer". The investigation of Debian 7 "wheezy" images showed > that these faulty machines have empty (zero byte) SSH host key files. > These files do not exist before the machines are started, but they do > exist before "dpkg-reconfigure openssh-server" is called. > > So it seems that some process creates these empty SSH host key files. > Can you help to further debugging this strange behavior? Does sshd > create SSH host keys? No, sshd only reads and never writes host keys. It's possible that either ssh-keygen is failing during writing the keys out or there is some bug in the init script that is calling it. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
