Linux: Regenerate SSH host keys
Fedora and CentOS automatically regenerate SSH host keys on bootup if the key files are missing. This makes regeneration easy to trigger: simply remove the keys and reboot the server. Other distributions are not quite as forgiving and require manual intervention. These are the steps I've used on Debian to get updated host keys.
rm /etc/ssh/ssh_host_*
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -q -t rsa
ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -q -t ecdsa
ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -q -t ed25519
ls /etc/ssh/*key* -lsh
systemctl restart sshd
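Added example, not part of the original post: the same steps wrapped in functions, plus the fingerprints and known_hosts lines an admin would hand to clients after the keys change. The function names, the directory argument and the host name passed to `known_hosts_lines` are assumptions made for illustration.

```shell
# Added example (not from the original post). Function names and the
# directory argument are assumptions; key types match the steps above.

# Remove old host keys in DIR and generate fresh rsa, ecdsa and ed25519 keys.
regen_host_keys() {
    rhk_dir="${1:-/etc/ssh}"
    [ -d "$rhk_dir" ] || { echo "no such directory: $rhk_dir" >&2; return 1; }
    rm -f "$rhk_dir"/ssh_host_*
    for rhk_type in rsa ecdsa ed25519; do
        # -N '' = no passphrase (sshd must read the key unattended), -q = quiet
        ssh-keygen -q -N '' -t "$rhk_type" \
            -f "$rhk_dir/ssh_host_${rhk_type}_key" || return 1
    done
}

# Print the SHA256 fingerprint of every public host key in DIR, one per line,
# so it can be compared with what a client shows on first connection.
host_key_fingerprints() {
    for hkf_pub in "${1:-/etc/ssh}"/ssh_host_*_key.pub; do
        [ -f "$hkf_pub" ] || continue
        ssh-keygen -l -E sha256 -f "$hkf_pub" || return 1
    done
}

# Print known_hosts lines ("HOST keytype base64") for the new keys, for
# distribution to clients over a trusted channel.
known_hosts_lines() {
    khl_host="$1"
    for khl_pub in "${2:-/etc/ssh}"/ssh_host_*_key.pub; do
        [ -f "$khl_pub" ] || continue
        # A .pub file is "keytype base64 comment"; keep the first two fields.
        awk -v h="$khl_host" '{ print h, $1, $2 }' "$khl_pub"
    done
}

# Typical use as root, followed by the restart from the steps above:
#   regen_host_keys /etc/ssh && host_key_fingerprints /etc/ssh
```

Clients that connected before the change will get a host key mismatch warning; after checking the new fingerprint they can drop the stale entry with `ssh-keygen -R hostname`.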
Replies
October 18th 2023 - FeRD (Frank Dana)
Even easier is probably this:
rm /etc/ssh/ssh_host_*
apt reinstall openssh-server
The .deb package will also generate new valid keys on install, IF the empty keyfiles aren't there.