From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6943578040844681216 X-Received: by 2002:a17:906:f1d7:: with SMTP id gx23mr9194384ejb.109.1617876137664; Thu, 08 Apr 2021 03:02:17 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a17:906:22c9:: with SMTP id q9ls2866465eja.11.gmail; Thu, 08 Apr 2021 03:02:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy6KztwOWXAJZf6bM4Gx91hgHCZbukNqxAPP4GPTzobF8MP2xqf+V7qDDenojEHwUdiTmMN X-Received: by 2002:a17:906:bd2:: with SMTP id y18mr9212542ejg.482.1617876136760; Thu, 08 Apr 2021 03:02:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617876136; cv=none; d=google.com; s=arc-20160816; b=zyydass2iy11pDEh+LNOY2ThfPy2fnNNpXg1ZaFa52GxrXVFW71EY2EGQsNXcsSz8S huoIn9VUj/1ghWke1ibEYTng1friEJ+Gqq8M5vPDUt8sV6qPzOj1QrZwGSoiANsckDoa f5Mqtej0r00LL6+F9anQezhObF470HNc7JbfYAYdbUymhlW/AEq0XVJh/AA0BBQWv6Ot ixDVyO2CrK0fUc8xlO0K8eU/jLr+bHTmhGQAZzrMijXRGwl5fspm2b3JTiC6XhwDH/iX Mjc7oWKIn3cAswzJOAsBa40FGEO9kMoTaRWWAkU84YQ7TFau4okeeMJAwGePZgOH0p+Q NcwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-language:content-transfer-encoding:in-reply-to:mime-version :user-agent:date:message-id:from:references:cc:to:subject; bh=1VLX9Nqq0+jr6Fmj5vi0cVZLNU23Vq4ltGoLGzbMfRU=; b=frjFITnU3AzRupDmOlRM1ovBX5EMIAn8ass0+3L1JxP5tJUk/aaXK/ALr7bNOaFCex eDG3aSaTpzcpV7YXZvh1oWmRpyazMJEfukJMSMd9pIBuHVuvmI2zv9FdwPclER43aEtc MymbbwYrwazQGrl/uufdv+YpstWF4GaomYUs3NxnqAE560HrwNt6GnOEl7LAkiy20Uv9 H7M56o4QyCFnN+MuWpZz8GTAyi1LXN0KJ2x0owpMXvpUULc0VO2VSpKp4tT7LOd8GlUV cMzfJv4c70/pgpI/GaXEMbOOicZ8FuZs+48Gi+p+2mfzmKgNoTLmkiJVMSW17i9Y6Mas vC/w== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de Return-Path: Received: from shymkent.ilbers.de (shymkent.ilbers.de. [85.214.156.166]) by gmr-mx.google.com with ESMTPS id f23si822900ejc.1.2021.04.08.03.02.16 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Thu, 08 Apr 2021 03:02:16 -0700 (PDT) Received-SPF: pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of amikan@ilbers.de designates 85.214.156.166 as permitted sender) smtp.mailfrom=amikan@ilbers.de Received: from [192.168.67.164] (mm-189-44-214-37.mgts.dynamic.pppoe.byfly.by [37.214.44.189] (may be forged)) (authenticated bits=0) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8) with ESMTPSA id 138A2DBa001294 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 8 Apr 2021 12:02:14 +0200 Subject: Re: [PATCH v2] sshd-regen-keys: Improve service, make more robust To: Henning Schild , isar-users Cc: Jan Kiszka , Harald Seiler References: <20210330101722.10371-1-henning.schild@siemens.com> From: Anton Mikanovich Message-ID: Date: Thu, 8 Apr 2021 13:02:08 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: <20210330101722.10371-1-henning.schild@siemens.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-TUID: eRjm1flBudZM 30.03.2021 13:17, Henning Schild wrote: > Switch to using "/usr/bin/ssh-keygen -A" instead of dpkg-reconfigure. > With this we would generate new host keys every time the service starts > and no keys exist. Removing the keys from openssh-server in a postinst > makes it complete so that we really only generate on the first boot. > > This is easier to handle that reusing the debian package hooks for key > generation. > > Signed-off-by: Henning Schild Applied to next, thanks. -- Anton Mikanovich Promwad Ltd. External service provider of ilbers GmbH Maria-Merian-Str. 8 85521 Ottobrunn, Germany +49 (89) 122 67 24-0 Commercial register Munich, HRB 214197 General Manager: Baurzhan Ismagulov