I am writing a hardening script to be run by kickstart during the post-installation phase. One of the requirements is to change the permissions on /etc/ssh/ssh_host*key files. My problem is that those keys are not generated when the script is run. I have two questions:
When are those keys generated during the installation process?
Will I break anything if I generate them with my script?
AFAIK the keys are generated during first start of the server (after install).
About generate new one: yes, there is no problem as far as they are described (with filenames) in /etc/ssh/sshd_config
. And you restart sshd
after generation. But if you have already some host/user which get the server public key (before new generation) this may lead to errors in ssh sessions.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments