debian: Support ssh host keys regeneration

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

debian: Support ssh host keys regeneration
ce68d5b4 · Stéphane Graber · 040f1c40 · ce68d5b4
Commit ce68d5b4 authored Jan 14, 2014 by Stéphane Graber
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 0 deletions

lxc-debian.in templates/lxc-debian.in +24 -0

No files found.
--- a/templates/lxc-debian.in
+++ b/templates/lxc-debian.in
@@ -93,6 +93,30 @@ EOF
    chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
    chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove

+    # generate new SSH keys
+    if [ -x $rootfs/var/lib/dpkg/info/openssh-server.postinst ]; then
+        cat > $rootfs/usr/sbin/policy-rc.d << EOF
+#!/bin/sh
+exit 101
+EOF
+        chmod +x $rootfs/usr/sbin/policy-rc.d
+
+        if [ -f $rootfs/etc/init/ssh.conf ]; then
+            mv $rootfs/etc/init/ssh.conf $rootfs/etc/init/ssh.conf.disabled
+        fi
+
+        rm -f $rootfs/etc/ssh/ssh_host_*key*
+
+        DPKG_MAINTSCRIPT_PACKAGE=openssh DPKG_MAINTSCRIPT_NAME=postinst chroot $rootfs /var/lib/dpkg/info/openssh-server.postinst configure
+        sed -i "s/root@$(hostname)/root@$hostname/g" $rootfs/etc/ssh/ssh_host_*.pub
+
+        if [ -f "$rootfs/etc/init/ssh.conf.disabled" ]; then
+            mv $rootfs/etc/init/ssh.conf.disabled $rootfs/etc/init/ssh.conf
+        fi
+
+        rm -f $rootfs/usr/sbin/policy-rc.d
+    fi
+
    # set initial timezone as on host
    if [ -f /etc/timezone ]; then
        cat /etc/timezone > $rootfs/etc/timezone