debian: Support ssh host keys regeneration

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
lxc · Jan 15, 2014 · ce68d5b · ce68d5b
1 parent 040f1c4
commit ce68d5b
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/templates/lxc-debian.in b/templates/lxc-debian.in
@@ -93,6 +93,30 @@ EOF
     chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
     chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove
 
+    # generate new SSH keys
+    if [ -x $rootfs/var/lib/dpkg/info/openssh-server.postinst ]; then
+        cat > $rootfs/usr/sbin/policy-rc.d << EOF
+#!/bin/sh
+exit 101
+EOF
+        chmod +x $rootfs/usr/sbin/policy-rc.d
+
+        if [ -f $rootfs/etc/init/ssh.conf ]; then
+            mv $rootfs/etc/init/ssh.conf $rootfs/etc/init/ssh.conf.disabled
+        fi
+
+        rm -f $rootfs/etc/ssh/ssh_host_*key*
+
+        DPKG_MAINTSCRIPT_PACKAGE=openssh DPKG_MAINTSCRIPT_NAME=postinst chroot $rootfs /var/lib/dpkg/info/openssh-server.postinst configure
+        sed -i "s/root@$(hostname)/root@$hostname/g" $rootfs/etc/ssh/ssh_host_*.pub
+
+        if [ -f "$rootfs/etc/init/ssh.conf.disabled" ]; then
+            mv $rootfs/etc/init/ssh.conf.disabled $rootfs/etc/init/ssh.conf
+        fi
+
+        rm -f $rootfs/usr/sbin/policy-rc.d
+    fi
+
     # set initial timezone as on host
     if [ -f /etc/timezone ]; then
         cat /etc/timezone > $rootfs/etc/timezone