[Ovmsdev] How to reset the sshd server key?
casner at acm.org
Sat Feb 5 14:34:02 HKT 2022
> I was configuring a new module and I must have fat-fingered the zip pw for
> config backup (reminder to self: always leave it empty so the module pw is
> used). I wanted the new module to have a different sshd server key but
> couldn't figure out how to do it. I tried things like:
> config rm ssh.server key
> but couldn't get "config list ssh.info" to change. Is there a way to do it? If
> not, is it hard to add?
When I tried "config rm ssh.server key" it said the key was removed,
and indeed, "config list ssh.server" no longer showed an instance
"key". The "config rm" code is generic for any param, though, with no
means to specify that if the ssh.server key is removed then the
ssh.info fingerprint should also be removed. The host key generation
code writes both of those params.
At that point I could still ssh to the unit again in another window,
but after I did "module reset" to reboot then the unit was not
accessible until it completed generation of a new host key. After
that "config list ssh.info" showed a new fingerprint.
My unit is running 3.2.016-295-g2eb24636-dirty/ota_0/main.
> Prior to this method-of-last-resort I tried "config list ssh.server 0A132..."
> but the ssh interface truncates the ~2K string of hex digits.
Did you mean set not list? "config set ssh.server key 0A132..."?
But the server key is stored as binary, so entering hex there would
not produce a useful result even if not truncated.
I see that it is possible to write a bogus value into the ssh.server
key, though, which would break ssh access. I did rm again and
rebooted to generate a new host key again.
More information about the OvmsDev