In the light of the Github hastily replacing their RSA ssh host key,
I wondered how one could rotate ssh keys properly, without having to manage a
PKI, and without
having the scary @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ shown
to users.
Fortunately, host-key rotation was added in OpenSSH
6.8, almost 10 years ago, and was documented
in two
blogspots by
djm. It's pretty straightforward: one
simply has to generate a new key with ssh-keygen, and add it to the
/etc/ssh/sshd_config via the Hostkey directive, and to reload sshd.
Because UpdateHostKeys is enabled by default client-side, clients will
automatically add and remove keys to UserKnownHostsFile. To mark the
key as revoked, it needs to be added to /etc/ssh/ssh_revoked_hosts, and
RevokedHostKeys /etc/ssh/ssh_revoked_hosts added to the .ssh/config file. One
should also remove the keys from the .ssh/known_hosts file, albeit this will
be done automatically once the key is removed from the server's
/etc/ssh/sshd_config, upon the client's next connection.
There is currently no way for servers to communicate to the user that a certain
key is revoked, except by adding it to RevokedHostsKeys, but this will only
prevent users from using it to connect to this particular server, not globally.
But this doesn't really matter, since a user will still get the
tofu warning.
Also, don't forget to rotate your SSHFP DNS records as well.