Hi,
I was about to report a bug about xen-tools missing a Depends or
Recommends on openssh-client because it calls ssh-keygen of the host in
the 70-install-ssh hook when I discovered this bug and thought it should
be resolved beforehand.
On Wed, Aug 24, 2011 at 05:07:45PM -0700, Vagrant Cascadian wrote:
> i'm still not entirely sure it needs to manually generate the keys at
> all, but at least this would handle existing keys properly.
I was just recently generating a xen image from a tarball and having the
hooks generate a new ssh key for me automatically was much appreciated.
Since the post install script of openssh server already attempts to
create a host keypair but one would also want a fresh keypair when
creating an image from a tarball I suggest the following behaviour:
--install-method=debootstrap/cdebootstrap/rinse/rpmstrap
- generate a new host keypair only if there for some reason the
creation by the postinst script failed
--install-method=tar/copy
- generate a new host keypair overwriting the existing one
would this be a sane behaviour? one would normally want to have a new
host keypair when generating from an existing tarball, right?
if 70-install-ssh stays, then adding a depends/recommends on
openssh-client should be added.
sadly ssh-keygen doesnt allow to force overriding existing keys without
asking back - having this option as a commandline argument would be a
possible wishlist bug for openssh-client.
cheers, josch
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
