From 7301afe9b97875aa80dc4ef1b610a9402b7466d9 Mon Sep 17 00:00:00 2001
From: David Galloway
Date: Thu, 8 Jan 2026 12:53:04 -0500
Subject: [PATCH] prep-fog-capture: systemd unit to generate host ssh keys

Ubuntu does not automatically regenerate SSH host keys after image-based deployments. When keys are removed prior to FOG capture, sshd fails to start on redeploy. Add a one-shot systemd service to regenerate host keys on first boot and disable itself after running.

Signed-off-by: David Galloway
---
 tools/prep-fog-capture.yml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
diff --git a/tools/prep-fog-capture.yml b/tools/prep-fog-capture.yml
index d0aec2dd..260e2890 100644
--- a/tools/prep-fog-capture.yml
+++ b/tools/prep-fog-capture.yml
@@ -61,6 +61,35 @@
 path: /var/lib/ceph
 state: unmounted
+ - name: Install one-shot service to regenerate SSH host keys on first boot
+ copy:
+ dest: /etc/systemd/system/regen-ssh-hostkeys.service
+ owner: root
+ group: root
+ mode: '0644'
+ content: |
+ [Unit]
+ Description=Regenerate SSH host keys on first boot
+ ConditionPathExists=!/etc/ssh/ssh_host_ed25519_key
+ Before=ssh.service
+
+ [Service]
+ Type=oneshot
+ ExecStart=/usr/bin/ssh-keygen -A
+ ExecStartPost=/bin/systemctl disable regen-ssh-hostkeys.service
+
+ [Install]
+ WantedBy=multi-user.target
+
+ - name: Reload systemd daemon
+ systemd:
+ daemon_reload: true
+
+ - name: Enable regen-ssh-hostkeys.service
+ systemd:
+ name: regen-ssh-hostkeys.service
+ enabled: true
+
 - name: Get list of SSH host keys
 shell: "ls -1 /etc/ssh/ssh_host_*"
 register: ssh_host_keys
--
2.47.3
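Review bot: `Before=ssh.service` in the embedded unit only orders key generation ahead of the Debian/Ubuntu unit name. If this play is ever run against images where the daemon is `sshd.service` (the hunk does not show which distros it targets), sshd could start before `ssh-keygen -A` has finished and fail as the commit message describes. `Before=ssh.service sshd.service` costs nothing on Ubuntu, because ordering against a unit that is not loaded has no effect. Separately, `ConditionPathExists=!/etc/ssh/ssh_host_ed25519_key` checks a single key type, so the unit is skipped whenever that one file survives into the captured image, and every clone would then boot with the same host key. That relies on the removal step after the "Get list of SSH host keys" task, which lies outside this hunk, so I would add a comment above the install task such as `# Relies on the host-key removal below deleting ssh_host_ed25519_key before capture`.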