
Bug#594175: openssh-server: support generation of ssh host keys in init script



Package: openssh-server
Version: 1:5.5p1-4
Severity: wishlist


I mentioned this issue in my talk "State of Debian (based) Linux
live systems in 2010" at Debconf10. Colin suggested talking about
it later on, so I'm reporting this as a wishlist item.

It would be nice if the sshd init script would support generation of
ssh host keys - iff there aren't any keys present yet.

The (main) use case for this feature is live systems where you
usually don't want to ship pre-generated keys on one hand, on the
other hand not everyone wants to generate the host keys
automatically on each boot (consuming time and resources).

Taking care of key generation as someone invokes '/etc/init.d/ssh
start' works fine for the Grml live systems and its users. What
we're doing is something as simple as:

,---- [ relevant snippet of Grml's ssh initscript ]
| RSA1_KEY=/etc/ssh/ssh_host_key
| RSA_KEY=/etc/ssh/ssh_host_rsa_key
| DSA_KEY=/etc/ssh/ssh_host_dsa_key
|
| case "$1" in
|  start)
| [...]
|       if ! test -f $RSA1_KEY ; then
|          log_action_msg "Generating SSH1 RSA host key..."
|          $KEYGEN -t rsa1 -f $RSA1_KEY -C '' -N '' || exit 1
|       fi
|
|       if ! test -f $RSA_KEY ; then
|          log_action_msg "Generating SSH RSA host key..."
|          $KEYGEN -t rsa -f $RSA_KEY -C '' -N '' || exit 1
|       fi
|
|       if ! test -f $DSA_KEY ; then
|          log_action_msg "Generating SSH2 DSA host key..."
|          $KEYGEN -t dsa -f $DSA_KEY -C '' -N '' || exit 1
|       fi
| [...]
`----

Would be great if that feature would be available in Debian/Ubuntu
based (live) systems as well. :)

regards,
-mika-
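
A hardened variant of the generate-if-missing logic in the message above, as an added example that is not part of the original report or of Grml's or Debian's init script: it treats an empty key file as missing and installs a new key by rename, so an interrupted run cannot leave a truncated host key behind. The function names and the default `KEYGEN` path are assumptions.

```shell
#!/bin/sh
# Added example: idempotent, crash-safe host key generation.
# KEYGEN mirrors $KEYGEN in the snippet; the default path is an assumption.
KEYGEN=${KEYGEN:-/usr/bin/ssh-keygen}

# ensure_host_key TYPE PATH
# Returns 0 if a usable key pair exists at PATH afterwards, 1 otherwise.
ensure_host_key() {
    ktype=$1 key=$2
    # `test -f` also succeeds for a zero-length file (interrupted run,
    # full disk), so require non-empty private and public halves instead.
    if [ -s "$key" ] && [ -s "$key.pub" ]; then
        return 0
    fi
    # Generate in a private scratch directory on the same filesystem, so
    # the final mv is a rename and sshd never sees a half-written key.
    tmpdir=$(mktemp -d "$(dirname "$key")/.hostkey.XXXXXX") || return 1
    rc=0
    ( umask 077
      "$KEYGEN" -q -t "$ktype" -f "$tmpdir/key" -C '' -N '' ) &&
        [ -s "$tmpdir/key" ] && [ -s "$tmpdir/key.pub" ] &&
        chmod 600 "$tmpdir/key" && chmod 644 "$tmpdir/key.pub" &&
        mv -f "$tmpdir/key.pub" "$key.pub" &&
        mv -f "$tmpdir/key" "$key" || rc=1
    rm -rf "$tmpdir"
    return $rc
}

# ensure_host_keys DIR TYPE...
# File names follow the snippet: ssh_host_key for rsa1,
# ssh_host_<type>_key otherwise.
ensure_host_keys() {
    hk_dir=$1; shift
    for hk_type in "$@"; do
        case "$hk_type" in
            rsa1) hk_file=ssh_host_key ;;
            *)    hk_file=ssh_host_${hk_type}_key ;;
        esac
        ensure_host_key "$hk_type" "$hk_dir/$hk_file" || return 1
    done
}

# In the init script's start) branch:
#   ensure_host_keys /etc/ssh rsa dsa || exit 1
```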


