On Wed, 2019-12-11 at 18:00 +0100, Joakim Tjernlund wrote: > On Wed, 2019-12-11 at 23:53 +0800, Matt Johnston wrote: > > Hi Joakim, > > > > The server needs to be stopped and restarted. If this is for new keys at > > first-boot you could look at the -R option. > > It's not first boot :( > This is when a user wants to replace the current keys for some reason. > Ideally the > next new session should read the new keys automatically. > > In out case we cannot just restart dropbear and rebooting just for new keys > is not an option either. > Could dropbear gain automatic reread of keys ? >
W.r.t -R option, will it dectect a bad key and regenerate a new one ? One problem we have with using -R is that we need to convert dropbear keys to openssh format as well and I cannot see a way to automatically trigger dropbearconvert etc. if we do use -R, is there a way? Jocke