SSH keys change after reboot on VirtualBix Topic is solved

Having issues with your DietPi installation, or, found a bug? Post it here.
Post Reply
wolfsden3

SSH keys change after reboot on VirtualBix

Post by wolfsden3 »

I am trying out dietpi on Virtual box. I installed openssh-server with apt-get and when I reboot the unit the ssh keys change. Why would that be happening? I've never seen this behavior on other boxes I've installed openssh-server onto.

I get warnings when connecting of key store changes.

Thanks.
User avatar
Fourdee
Site Admin
Posts: 2788
Joined: Tue Feb 06, 2007 1:36 pm

Re: SSH keys change after reboot on VirtualBix

Post by Fourdee »

wolfsden3 wrote:I am trying out dietpi on Virtual box. I installed openssh-server with apt-get and when I reboot the unit the ssh keys change. Why would that be happening? I've never seen this behavior on other boxes I've installed openssh-server onto.

I get warnings when connecting of key store changes.

Thanks.
Hi,

Dropbear is installed by default. Installing OpenSSH server will always generate new SSH keys, if its not currently installed, its part of the apt install.

DietPi also generates SSH keys for Dropbear during 1st run setup, to ensure unique SSH keys.
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
wolfsden3

Re: SSH keys change after reboot on VirtualBix

Post by wolfsden3 »

Yes but on no other server does it continually create keys. Also...from what I've read Dropbear is a dead project so me no wanna use Dropbear and I don't know why you want to either...you only save like 2-4 meg of RAM and with all the other savings I prefer functionality over that type of savings...anyway.

I just tested both a reboot AND a shut down > start. It's not doing it anymore which is awesome and the way it's supposed to behave. It was giving me this but is no longer giving me this error:

Code: Select all

ssh root@192.168.1.122
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:Gcze7SPL3qYp06ZnbeQSJcZKweyGuV4Wno6vqbJtaMw.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/user/.ssh/known_hosts:28
RSA host key for 192.168.1.122 has changed and you have requested strict checking.
Host key verification failed.
I guess this isn't a bug then!

BTW...so far I'm LOVING DietPi and when I start to put my IoT devices in I'll be sending DietPi a monthly commish ;)
Post Reply