Regenerate SSH host keys if missing before starting sshd under systemd (!11) · Merge requests · Debian SSH Maintainers / openssh

Hoi Sing Edison Wong requested to merge hswong3i/ssh-team-openssh:master-ssh-keygen into master Dec 30, 2020

Refer to https://github.com/vagrant-libvirt/vagrant-libvirt/pull/1184#event-4119515011, we should always remove existing SSH host keys before virt-sysprep VM as a new image, which is the default behavior for virt-sysprep with --operations +ssh-hostkeys.

For Fedora/openSUSE, the missing of SSH host keys will be regenerated before sshd getting started, therefore sshd could start correctly; by the way, corresponding logic is currently missing for Debian/Ubuntu, therefore result as a non-accessible Vagrant box after a simple vagrant up command.

This PR simply add ExecStartPre=/usr/bin/ssh-keygen -A for above missing feature; moreover, the configuration check with /usr/sbin/sshd -t should also replaced as /usr/sbin/sshd -t $SSHD_OPTS which synchronize with corrsponding ExecStart=/usr/sbin/sshd -D $SSHD_OPTS command.

Signed-off-by: Wong Hoi Sing Edison hswong3i@pantarei-design.com

Regenerate SSH host keys if missing before starting sshd under systemd

Merge request reports