[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: EC2 images

On 4 July 2013 16:37, Tormod Ryeng <tormod@tormod.no> wrote:
> Hi,
>
> The AWS EC2 AMIs on
> https://aws.amazon.com/marketplace/seller-profile/ref=srh_res_product_vendor?ie=UTF8&id=890be55d-32d8-4bc8-9042-2b4fd83064d5
> (linked to from http://wiki.debian.org/Cloud/AmazonEC2Image) give the same
> ECDSA key fingerprint for every instance when SSHing to the instances. The
> host keys should be generated during the first boot-up of the instance, but
> seem to be static.
>
> I would assume that anyone using e.g. ami-ddbeafa9 gets the fingerprint
> f9:c4:2a:ee:20:5e:66:c2:fc:76:12:63:53:13:9e:dc.
>
> We've only tested the eu-west 64-bit AMI and some of the RightScale images
> listed on the wiki, and they've all had the same problem.
>
> I don't know whether this is a bug in the tools used to create the images or
> not.
>
> --
> Regards,
> Tormod Ryeng

Whoa, that is weird, to say the least.
I remove the keys when creating the ami
(https://github.com/andsens/build-debian-cloud/blob/master/tasks/60-cleanup)
and create new ones at first boot
(https://github.com/andsens/build-debian-cloud/blob/master/init.d/generate-ssh-hostkeys).
Do we have an entropy problem?!?!
Reply to: