In light of GitHub hastily replacing its RSA SSH host key, I wondered how one
could rotate SSH host keys properly, without having to manage a PKI, and without
the scary "@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @" banner being
shown to users.
Fortunately, host-key rotation was added in OpenSSH 6.8, back in 2015, and was
documented in two blog posts by djm. It's pretty straightforward: one simply has
to generate a new key with ssh-keygen, add it to /etc/ssh/sshd_config via an
additional HostKey directive, and reload sshd. Order matters: sshd signs the key
exchange with the first listed key of a given type, so list the new key after the
old one and keep both for a while. The old key keeps authenticating the server
while clients learn the new one; only once clients have reconnected does the old
HostKey line get removed and sshd reloaded again.
Because UpdateHostKeys is enabled by default client-side (since OpenSSH 8.5,
unless UserKnownHostsFile has been overridden or VerifyHostKeyDNS is on), clients
will automatically add and remove keys in UserKnownHostsFile: the server sends its
full list of host keys after authentication, and the client learns the new ones and
drops the ones for that host that are no longer offered. To mark the old key as
revoked, add its public half to a file of your choosing, say
/etc/ssh/ssh_revoked_hosts (one public key per line, i.e. the contents of the old
.pub file, or a KRL generated with ssh-keygen -k), and add
RevokedHostKeys /etc/ssh/ssh_revoked_hosts
to the .ssh/config file (note that ssh refuses every host if that file is
missing or unreadable). One should also remove the old key from the
.ssh/known_hosts file, for instance with ssh-keygen -R hostname, albeit this will
be done automatically once the key is removed from the server's
/etc/ssh/sshd_config, upon the client's next connection.
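The whole server-side sequence as a small shell script, added here as an example
and not taken from the original post or from OpenSSH itself. The config-editing
helpers work on any copy of sshd_config, so they can be tried offline; the
_new suffix for the fresh key file, the /etc/ssh/ssh_revoked_hosts file and the
systemd unit name used for the reload are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): server-side OpenSSH host-key
# rotation as two phases that edit sshd_config, plus the live sequence.
set -eu

# Return the key type (rsa, ed25519, ecdsa) encoded in a host-key path such as
# /etc/ssh/ssh_host_ed25519_key or /etc/ssh/ssh_host_ed25519_key_new (the
# _new suffix is an assumption of this example).
hostkey_type() {
    basename "$1" | sed -n 's/^ssh_host_\([a-z0-9]*\)_key.*$/\1/p'
}

# Phase 1: add NEW right after the existing HostKey of the same type in CONFIG.
# sshd signs the key exchange with the first listed key of a given type, so the
# old key stays first until clients have learned the new one through the
# hostkeys-00@openssh.com update. Idempotent: a key already listed is not added.
add_hostkey() {
    config=$1; new=$2
    grep -qxF "HostKey $new" "$config" && return 0
    type=$(hostkey_type "$new")
    if [ -n "$type" ] && grep -q "^HostKey .*ssh_host_${type}_key" "$config"; then
        awk -v t="$type" -v n="$new" '
            { print }
            $1 == "HostKey" && $2 ~ ("ssh_host_" t "_key") && !done {
                print "HostKey " n; done = 1
            }' "$config" > "$config.tmp"
    else
        # No key of that type yet: append at the end.
        { cat "$config"; echo "HostKey $new"; } > "$config.tmp"
    fi
    mv "$config.tmp" "$config"
}

# Phase 2 (later): drop OLD from CONFIG. Clients remove it from known_hosts on
# their next connection; keep the .pub file around for the revocation list.
remove_hostkey() {
    config=$1; old=$2
    grep -vxF "HostKey $old" "$config" > "$config.tmp" || true
    mv "$config.tmp" "$config"
}

# Number of HostKey directives in CONFIG, used to check the result.
hostkey_count() { grep -c '^HostKey ' "$1" || true; }

# The live sequence on a systemd host (unit name is an assumption); run as
# root. Not exercised by the offline checks: it needs ssh-keygen and sshd.
rotate_hostkey_live() {
    old=$1                       # e.g. /etc/ssh/ssh_host_rsa_key
    new=${old}_new
    ssh-keygen -t "$(hostkey_type "$old")" -N '' -f "$new"
    add_hostkey /etc/ssh/sshd_config "$new"
    sshd -t && systemctl reload sshd
    echo "Wait until clients have reconnected (UpdateHostKeys), then run:"
    echo "  remove_hostkey /etc/ssh/sshd_config $old && sshd -t && systemctl reload sshd"
    echo "  cat $old.pub >> /etc/ssh/ssh_revoked_hosts   # ship to clients' RevokedHostKeys"
}
```

The add and remove steps are deliberately separate invocations rather than one
script, because the interval between them is what lets every client pick up the
new key before the old one disappears.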
There is currently no way for a server to tell clients that a certain key is
revoked; the only option is to list it under RevokedHostKeys on the client side,
and that protects only the clients that carry that configuration, not everyone who
has ever trusted the key. This mostly doesn't matter: a client that has already
picked up the new keys will still get the host-key-changed warning if something
presents the old one. The revocation list earns its keep for clients that have not
connected since the rotation and therefore still trust the old key.
Also, don't forget to rotate your SSHFP DNS records as well; ssh-keygen -r
hostname -f /path/to/new_key.pub prints the records to publish for the new key.