Recreate SSH host keys?

Status
Not open for further replies.
lumbric

lumbric

Dabbler
Joined
Dec 26, 2012
Messages
10
I set up two nearly identical FreeNAS machines. Therefore I used the configuration of the first one and imported it in a fresh image for the second one. Of course some things have to be changed. The harddisk configuration, the hostname, the admin password (did I forget to change something important?).

Well and then I should recreate the SSH host keys... How can this be done in FreeNAS?
As far as I know I cannot recrate them simply in /etc/ssh as I would do when cloning a *NIX server. The FAQ tells me why this can't be done:
http://forums.freenas.org/faq.php?faq=general_freenas#faq_filesystem_changes
http://forums.freenas.org/showthrea...-files-disappearing-on-reboot&p=5817#post5817

Is there a way to simply delete the keys and reenable the service or so?
 
T

tingo

Contributor
Joined
Nov 5, 2011
Messages
137
I'm guessing that doing
Code:
service sshd keygen
as root only tells you that you already have keys?
 
T

tingo

Contributor
Joined
Nov 5, 2011
Messages
137
A bit more digging has revealed that the kerys are stored in the database:
Code:
[root@kg-f5] ~# sqlite3 /data/freenas-v1.db "PRAGMA table_info([services_ssh])"
0|ssh_host_dsa_key|text|0||0
1|ssh_host_rsa_key_pub|text|0||0
2|ssh_host_ecdsa_key_pub|text|0||0
3|ssh_host_key|text|0||0
4|ssh_passwordauth|bool|1|0|0
5|ssh_options|text|1||0
6|ssh_tcpport|integer unsigned|1||0
7|ssh_privatekey|text|1||0
8|ssh_compression|bool|1|0|0
9|ssh_host_key_pub|text|0||0
10|ssh_rootlogin|bool|1|0|0
11|ssh_tcpfwd|bool|1|0|0
12|ssh_host_rsa_key|text|0||0
13|ssh_host_ecdsa_key|text|0||0
14|id|integer|0||1
15|ssh_host_dsa_key_pub|text|0||0

But I do not know about an easy way to force FreeNAS to generate new keys.
 
lumbric

lumbric

Dabbler
Joined
Dec 26, 2012
Messages
10
Thanks for your hints! In the end, I set up a fresh and new second FreeNAS install, because I made also some other mistakes. Anyway I tried your first suggestion which gives me the following error message:
Code:
# service sshd keygen
Will not 'keygen' sshd because sshd_enable is NO.


Your idea to edit the database is interesting, but I don't know how to.
 
W

wizmin

Cadet
Joined
Jan 28, 2013
Messages
6
lumbric said:
Thanks for your hints! In the end, I set up a fresh and new second FreeNAS install, because I made also some other mistakes. Anyway I tried your first suggestion which gives me the following error message:
Code:
# service sshd keygen
Will not 'keygen' sshd because sshd_enable is NO.


Your idea to edit the database is interesting, but I don't know how to.
Click to expand...

Are you trying to Create New SSH Keys if so
You can try this

Code:
freenas# ssh-keygen -t rsa


The reason you get 'sshd_enable is NO.' its beause you dont have SSH Enable in the '/etc/rc.conf' or its not enable in the Services

Hope this helps..
 
Status
Not open for further replies.

Similar threads

K
Cannot find exact location of any and all SSH host key files.
Replies
2
Views
3K
karikamiya
K
websmith
SOLVED FreeNAS reboot changes ssh keys
Replies
2
Views
1K
websmith
websmith
B
  • Locked
Problem setting up SSH between two FreeNAS servers (for snapshot replication)
Replies
8
Views
6K
mikeyr
M
travalon
  • Locked
New to SSH keys
Replies
6
Views
12K
travalon
travalon
S
  • Locked
SSH Host key changed unexpectedly: How to verify host integrity
Replies
7
Views
5K
saurav
S
Top