PiShrink icon indicating copy to clipboard operation
PiShrink copied to clipboard

Published 20 hours ago verified publisher icon Drewsif

Activate service to regenerate ssh host keys after said keys cleanup

Open gromain opened this issue 5 years ago • 2 comments

When PiShrink removes the hosts keys from the image, the said keys are not regenerated on the following first boot. The ssh service will then not be available, since there are no host keys.

One way to solve the problem would be to activate the regenerate_ssh_host_keys systemd service provided by Raspberry OS.

This could be done in the mounted filesystem by creating the following symlink: sudo ln -s /lib/systemd/system/regenerate_ssh_host_keys.service etc/systemd/system/multi-user.target.wants/regenerate_ssh_host_keys.service.

I think #73 was linked to this issue.

gromain avatar Oct 17 '20 11:10 gromain

+1 on this. It renders a headless pi inaccessible. If you run the script without -p it does not accept the correct password.

alexanderfitu avatar Jul 04 '21 18:07 alexanderfitu

When PiShrink removes the hosts keys from the image, the said keys are not regenerated on the following first boot. The ssh service will then not be available, since there are no host keys.

I can confirm. When i use pishrink with parameter -p, the ssh will not start when i use the image in further time. To get the ssh service back, i use raspi-config to enable it again, but that's a fool solution ;-)

Starwhooper avatar Jul 10 '21 12:07 Starwhooper

When PiShrink removes the hosts keys from the image, the said keys are not regenerated on the following first boot. The ssh service will then not be available, since there are no host keys.

One way to solve the problem would be to activate the regenerate_ssh_host_keys systemd service provided by Raspberry OS.

This could be done in the mounted filesystem by creating the following symlink: sudo ln -s /lib/systemd/system/regenerate_ssh_host_keys.service etc/systemd/system/multi-user.target.wants/regenerate_ssh_host_keys.service.

I think #73 was linked to this issue.

Not sure what the status of this repo is, but I implemented your idea in a pull request. I tested it on the latest bullseye image and it works great! https://github.com/Drewsif/PiShrink/pull/244

shatteredsword avatar Oct 10 '22 18:10 shatteredsword

currently working on a revision for non-raspbian OS images and possibly support for dropbear, cause why not

shatteredsword avatar Oct 21 '22 21:10 shatteredsword

Not sure what the status of this repo is,

Last commit is from 8/16/2021. As far as I can see it's no longer maintained.

framps avatar Oct 21 '22 21:10 framps

Still alive, just focused on other things. Will eventually review your PR, I do appreciate the contribution though.

Drewsif avatar Oct 24 '22 18:10 Drewsif

I don't like the way cleanup is currently done and am looking into better options

Drewsif avatar Feb 14 '23 06:02 Drewsif