Re-generate ssh host keys on OpenBSD

OpenSSH banner


I’m using OpenBSD 5.3 virtual machines running under either Virtual Box or Qemu. When I clone the hard drive, I need to create a new set of ssh keys for the server. If I just delete the old keys, sshd will not restart.

rm /etc/ssh/*key*

– will break stuff. So the correct way to do it (that works for me) is:

# /etc/rc.d/sshd stop
# mkdir /etc/ssh/old
# mv /etc/ssh/*key* /etc/ssh/old
# ssh-keygen -A

When the new keys have been generated, then I can re-start sshd. Once it’s started then I can delete the old keys.

# /etc/rc.d/sshd start
# rm -rf /etc/ssh/old

– and everything is rosy again.

Leave a Reply

Your email address will not be published. Required fields are marked *