Bug 805540 - rhev-h regenerates SSH host keys on every system boot
rhev-h regenerates SSH host keys on every system boot
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ovirt-node (Show other bugs)
6.2
x86_64 Linux
high Severity high
: rc
: ---
Assigned To: Fabian Deutsch
Virtualization Bugs
:
: 834728 (view as bug list)
Depends On: 799333
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-21 10:40 EDT by Marko Myllynen
Modified: 2016-04-26 10:18 EDT (History)
11 users (show)

See Also:
Fixed In Version: ovirt-node-2.3.0-1.el6
Doc Type: Bug Fix
Doc Text:
Previously, the Hypervisor's SSH key was regenerated on every boot. Now, the SSH key is generated during installation and persisted to disk. This ensures that the key is only generated once.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-07-19 10:19:41 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marko Myllynen 2012-03-21 10:40:08 EDT
Description of problem:
After installing and configuring rhev-h everything works as expected but if the host is rebooted the SSH host keys are being regenerated on every boot. This can be seen when booting without the rhgb boot parameter or trying to ssh into the host.

Version-Release number of selected component (if applicable):
20120209.0.el6_2
Comment 1 Mike Burns 2012-03-23 08:06:04 EDT
Patch is available and merged upstream.  Just need backport
Comment 3 Guohua Ouyang 2012-03-30 23:04:27 EDT
Verified on 6.3-20120330.0, 
1. ssh to rhevh host successfully.
2. reboot rhevh host.
3. after rhevh host is up, ssh to rhevh host again is successfully.

try several times, can ssh to rhevh host after reboot it.

set bug status to be verified.
Comment 4 Mike Burns 2012-06-13 12:51:41 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Previously, RHEV-H would regenerate it's ssh keys on every boot.  Now, the ssh key is generated during installation and persisted to disk so that it will not be regenerated each boot.
Comment 5 Stephen Gordon 2012-06-13 15:01:31 EDT
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1 @@
-Previously, RHEV-H would regenerate it's ssh keys on every boot.  Now, the ssh key is generated during installation and persisted to disk so that it will not be regenerated each boot.+Previously, the Hypervisor's SSH key would be regenerated on every boot.  Now, the SSH key is generated during installation and persisted to disk so that it will not be regenerated each time the Hypervisor boots.
Comment 6 Stephen Gordon 2012-06-13 15:04:48 EDT
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1 +1 @@
-Previously, the Hypervisor's SSH key would be regenerated on every boot.  Now, the SSH key is generated during installation and persisted to disk so that it will not be regenerated each time the Hypervisor boots.+Previously, the Hypervisor's SSH key was regenerated on every boot. Now, the SSH key is generated during installation and persisted to disk. This ensures that the key is only generated once.
Comment 7 Mike Burns 2012-06-22 19:34:32 EDT
*** Bug 834728 has been marked as a duplicate of this bug. ***
Comment 9 errata-xmlrpc 2012-07-19 10:19:41 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0741.html

Note You need to log in before you can comment on or make changes to this bug.