Linux: Regenerate SSH host keys

Fedora and CentOS automatically regenerate SSH host keys at boot if the key files are missing. This makes regeneration easy to trigger: simply remove the keys and reboot the server. Other distributions are not as forgiving and require manual intervention. These are the steps I've used on Debian to get updated host keys.

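# Remove the old host keys (private and public halves)
rm /etc/ssh/ssh_host_*
# Generate one new key per type: empty passphrase (-N ''), quiet (-q)
ssh-keygen -f /etc/ssh/ssh_host_rsa_key     -N '' -q -t rsa
ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key   -N '' -q -t ecdsa
ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -q -t ed25519

# Confirm the new key files are in place
ls -lsh /etc/ssh/*key*

# Restart the SSH daemon so it loads the new keys
systemctl restart sshd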
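
An added example (not part of the original post): it stages the new keys in a temporary directory and removes the old ones only after all three have been generated, so a failed ssh-keygen run cannot leave sshd without host keys at the next restart. The function names regen_host_keys and host_key_fingerprints and the host name server.example.com are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# regen_host_keys DIR -> replaces DIR/ssh_host_{rsa,ecdsa,ed25519}_key[.pub]
regen_host_keys() {
    dir=$1
    # Hidden staging directory, so the ssh_host_* glob below never matches it.
    stage=$(mktemp -d "$dir/.hostkeys.XXXXXX") || return 1
    for t in rsa ecdsa ed25519; do
        # Same ssh-keygen options as the post: empty passphrase, quiet.
        if ! ssh-keygen -q -N '' -t "$t" -f "$stage/ssh_host_${t}_key"; then
            rm -rf "$stage"
            return 1    # old keys are still in place, nothing was removed
        fi
    done
    # Only now drop the old keys and move the new ones in.
    rm -f "$dir"/ssh_host_*
    mv "$stage"/ssh_host_* "$dir"/ && rmdir "$stage"
    chmod 600 "$dir"/ssh_host_*_key
    chmod 644 "$dir"/ssh_host_*_key.pub
}

# host_key_fingerprints DIR -> one SHA256 fingerprint line per public key,
# for publishing so users can verify the host-key prompt they will see.
host_key_fingerprints() {
    for pub in "$1"/ssh_host_*_key.pub; do
        ssh-keygen -l -E sha256 -f "$pub" || return 1
    done
}

# On the server (as root), assuming the default directory /etc/ssh:
#   regen_host_keys /etc/ssh && host_key_fingerprints /etc/ssh
#   sshd -t && systemctl restart sshd    # sshd -t checks config and keys first
# On each client, drop the stale known_hosts entry before reconnecting
# (server.example.com is a placeholder):
#   ssh-keygen -R server.example.com
```

Keep the current SSH session open until a second login with the new keys has succeeded.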
Replies
Chris 2022-05-28 03:09am - vikas@... - Logged IP: 2405:201:601f:58a8:f141:3c84:3096:c18a

I had an issue with a 4-node DAG setup where multi-role was installed. ECP and OWA keep crashing after CU13 updated. I did startdagmaintenacemode.ps1 to put the server DAGs in maintenance mode and please visit us: https://www.ezeelogin.com

FeRD (Frank Dana) 2023-10-18 12:40am - ferdnyc@... - Logged IP: 144.62.168.237

Even easier is probably this:

rm /etc/ssh/ssh_host_*
apt reinstall openssh-server

The .deb package will also generate new valid keys on install, IF the empty keyfiles aren't there.

All content licensed under the Creative Commons License