I have confirmed that this is an issue for the latest daily Lucid AMI:
ami-5936db30
ubuntu-images-testing-us/ubuntu-lucid-daily-i386-server-20100113.manifest.xml
ubu...@domu-12-31-39-04-08-b2:~$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
2048 15:46:e4:66:e3:60:b8:89:fe:d3:65:aa:7a:77:4e:cd
/etc/ssh/ssh_host_rsa_key.pub (RSA)
ubu...@domu-12-31-39-04-08-65:~$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
2048 15:46:e4:66:e3:60:b8:89:fe:d3:65:aa:7a:77:4e:cd
/etc/ssh/ssh_host_rsa_key.pub (RSA)
I have confirmed that this is *not* an issue for the released Karmic
AMI:
ami-1515f67c
ubuntu-images-us/ubuntu-karmic-9.10-i386-server-20091027.1.manifest.xml
ubu...@domu-12-31-39-02-60-41:~$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
2048 33:d7:a2:7d:ba:96:b0:e3:d7:f2:2e:be:04:24:38:ed
/etc/ssh/ssh_host_rsa_key.pub (RSA)
ubu...@domu-12-31-39-02-61-24:~$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
2048 4e:e1:93:4c:31:9a:c8:f7:c7:f4:b0:6a:56:e1:97:78
/etc/ssh/ssh_host_rsa_key.pub (RSA)
I did not test the latest daily Karmic AMI, but that should be checked
before new Karmic AMIs are released.
I started the importance to "High" since this effectively makes ssh
unencrypted to a man in the middle which is a serious security issue for
people who care about security. (Yes, I realize that most users don't
check fingerprints on EC2, but it should at least be possible to be
secure.)
** Changed in: ec2-init (Ubuntu)
Status: New => Confirmed
** Changed in: ec2-init (Ubuntu)
Importance: Undecided => High
--
ssh keys not regenerated on first boot
https://bugs.launchpad.net/bugs/507070
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
