Am 12.12.2019 13:01, schrieb Joakim Tjernlund:
> On Wed, 2019-12-11 at 18:00 +0100, Joakim Tjernlund wrote:
>> On Wed, 2019-12-11 at 23:53 +0800, Matt Johnston wrote:
>>> Hi Joakim,
>>>
>>> The server needs to be stopped and restarted. If this is for new keys at
>>> first-boot you could look at the -R option.
>>
>> It's not first boot :(
>> This is when a user wants to replace the current keys for some reason.
>> Ideally the
>> next new session should read the new keys automatically.
>>
>> In out case we cannot just restart dropbear and rebooting just for new keys
>> is not an option either.
>> Could dropbear gain automatic reread of keys ?
>>
>
> W.r.t -R option, will it dectect a bad key and regenerate a new one ?
> One problem we have with using -R is that we need to convert dropbear keys to
> openssh
> format as well and I cannot see a way to automatically trigger
> dropbearconvert etc.
> if we do use -R, is there a way?
>
> Jocke
Can you use brute force ?
Kill the sshd that should cause a restart
of the daemon no matter what (killall -9 sshd)
re,
wh
