Hi, Thanks for using cloud-init and filing this bug report! This behaviour is designed to protect users from a common mistake: capturing an instance as an image and therefore ending up with the same SSH host keys across multiple instances. For the vast majority of users, this is the sensible default behaviour, so we are unlikely to change it.
However, cloud-init _does_ allow you to configure your own host keys if, like you, you have specific requirements around them. See https://cloudinit.readthedocs.io/en/latest/topics/modules.html#ssh for full details, but instead of using write_files, you'll want to use something like: ssh_keys: rsa_private: | -----BEGIN RSA PRIVATE KEY----- MIIBxwIBAAJhAKD0YSHy73nUgysO13XsJmd4fHiFyQ+00R7VVu2iV9Qco ... -----END RSA PRIVATE KEY----- rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7Xd ... (This has the added benefit over write_files/ssh_deletekeys=False that it will clear out any stale host keys that you aren't specifying, so you won't accidentally carry stale keys around with any image captures.) Thanks! Dan P.S. As there isn't any cloud-init work to be done here, I'm going to mark this bug as Invalid. If you have any further questions or comments, please don't hesitate to reply despite that! ** Changed in: cloud-init Status: New => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to cloud-init. https://bugs.launchpad.net/bugs/1839473 Title: Cloudinit can't set ssh certificate Status in cloud-init: Invalid Bug description: Don't delete things under /etc/ssh. If you use write_files to add a SSH certificate like ssh_host_ecdsa_key-cert.pub, it doesn't work because it deletes everything. You have to set ssh_deletekeys to false to prevent it from deleting things but then you have the other key types under /etc/ssh which you may not want. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-init/+bug/1839473/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp