Hi, I was about to report a bug about xen-tools missing a Depends or Recommends on openssh-client because it calls ssh-keygen of the host in the 70-install-ssh hook when I discovered this bug and thought it should be resolved beforehand.
On Wed, Aug 24, 2011 at 05:07:45PM -0700, Vagrant Cascadian wrote: > i'm still not entirely sure it needs to manually generate the keys at > all, but at least this would handle existing keys properly. I was just recently generating a xen image from a tarball and having the hooks generate a new ssh key for me automatically was much appreciated. Since the post install script of openssh server already attempts to create a host keypair but one would also want a fresh keypair when creating an image from a tarball I suggest the following behaviour: --install-method=debootstrap/cdebootstrap/rinse/rpmstrap - generate a new host keypair only if there for some reason the creation by the postinst script failed --install-method=tar/copy - generate a new host keypair overwriting the existing one would this be a sane behaviour? one would normally want to have a new host keypair when generating from an existing tarball, right? if 70-install-ssh stays, then adding a depends/recommends on openssh-client should be added. sadly ssh-keygen doesnt allow to force overriding existing keys without asking back - having this option as a commandline argument would be a possible wishlist bug for openssh-client. cheers, josch -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org