1

In the /etc/ssh directory exists the following content:

moduli      sshd_config           ssh_host_ecdsa_key      ssh_host_ed25519_key      ssh_host_rsa_key      ssh_import_id
ssh_config  sshd_config.ucf-dist  ssh_host_ecdsa_key.pub  ssh_host_ed25519_key.pub  ssh_host_rsa_key.pub

I can see practically two categories:

  1. public/private keys
  2. configuration files

If any of those files for any of these categories is deleted by mistake.

How that file can be re-generated? Is possible?, How? it according of each category (1 or 2)

pa4080
  • 29,831
Manuel Jordan
  • 1,768
  • 7
  • 30
  • 50
  • 2
    If you are concerned that these files can be deleted "by mistake", I would strongly advise one of two things: (1) have really good backups with an automated process that runs regularly (2) perform whatever destructive operations you plan on using within a virtual machine first, then run them on your system after confirming that mistakes did not happen. I've been using Linux since the mid-90s and cannot think of a single time when I deleted anything in /etc/ssh "by mistake" ... aside from those times I destroyed partitions with a poorly written dd command ... – matigo Sep 08 '21 at 01:52
  • 2
    The old key cannot be re-constructed (that would defeat the entire purpose of key-based authentication). You must create a new key. "deleted by mistake" is why you have backups. – user535733 Sep 08 '21 at 01:52
  • I know that /etc/ssh asks for the root/admin password - but I am curious if exists a way to recreate that files (mostly about the keys) - according with You must create a new key is possible - that files are very different from .ssh directory - so I am assuming other commands enter in action – Manuel Jordan Sep 08 '21 at 01:57
  • Keys must be unique if they are to be of any use. If a person could re-create them, then encryption would be a myth. – matigo Sep 08 '21 at 01:58
  • Understood - but is possible generate new ones with new values? - in this case the clients must update their known_hosts files according the new values (for a new connection - how the first time when they receive the host's fingerprint) - Am I correct? – Manuel Jordan Sep 08 '21 at 02:02
  • 1
    You can generate as many new keys as you like. Generating new keys is trivial. Be clear when you say "client": The ssh client has the un-reproducable private key. The ssh server has only the public key. The ssh client must transmit the new public key (corresponding to the new private key) to the ssh server. This usually requires admin assistance, since the ssh client cannot login until the new public key is installed in the ssh server. That's not a trivial operation...unless you also happen to be an admin of the ssh server. – user535733 Sep 08 '21 at 02:50
  • Yes about the client (.ssh), where I can generate any time the pair keys and send/put the value of the public key to the .ssh/authorized_keys file in the server- but here the post is about server, where in the /etc/ssh directory there are some keys values that are sent for the clients for their first ssh connection - one about the finger print (ECDSA) and the other a copy of the public key of the server to the .ssh/known_hosts in the client – Manuel Jordan Sep 08 '21 at 03:02
  • Are you trying to prevent the fingerprint warning on an ssh client? – user535733 Sep 08 '21 at 03:54
  • 1
    Does this answer your question? How can I restore configuration files? and https://askubuntu.com/questions/600584/error-could-not-load-host-key-when-trying-to-recreate-ssh-host-keys – muru Sep 08 '21 at 07:35

1 Answers1

3

In Ubuntu the OpenSSH client/server configuration files are:

  • /etc/ssh/sshd_config - the configuration file of the SSH server (daemon). Additional configuration files could be added in the directory /etc/ssh/sshd_config.d/ and their file extensions must be .conf (these are invoked in the beginning of /etc/ssh/sshd_config).

  • /etc/ssh/ssh_config - system wide configuration file for the SSH client, the settings in this file are applied to all users. Additional configuration files could be added in the directory /etc/ssh/ssh_config.d/ and their file extensions must be .conf (these are invoked in the beginning of /etc/ssh/ssh_config).

  • ~/.ssh/config - a personal configuration file for the SSH client. This file is located in the user's home directory within a special directory named .ssh. The directory itself must have private permissions (700), and the files inside also must be private (600).

The public/private keys are possession of a user, thus they are private :) By default they are located in user's directory ~/.ssh.

In this answer of mine in sections 1 and 2 is described how to setup key based SSH authentication: https://askubuntu.com/a/986245/566421

Here is an example of a case in which the SSH keys are not located in the user's home directory: https://askubuntu.com/a/882379/566421

If you want to recreate the directory /etc/ssh you could purge the OpenSSH client and server then reinstall them (but you may not need this):

sudo apt update
sudo apt purge openssh-client openssh-server
sudo rm -R /etc/ssh
sudo apt install openssh-client openssh-server
pa4080
  • 29,831
  • Practically the latest one seems be the more practical - but of course all the clients must have updated with the new keys of the server - it for the scenario for a small LAN – Manuel Jordan Sep 17 '21 at 16:22