In cloud VM instances, how to handle ssh host keys?

Hilikus asked:

In throwaway VMs like the ones usually used by companies today in GCP or AWS, every time an instance boots for the first time it will have a new set of ssh host keys created. That means that if an instance was recreated since the last time you connected to it (via an interactive session or, worse, in CI to deploy the latest code), the ssh client will fail because the host key changed. The common solution (at least with Ansible) is always "disable host checking", but this seems like a bad idea to me. You are disabling an important part of your security checks.

  1. What is the simplest way to set the host keys in GCE? Something like cloud-init, maybe?
  2. Is it OK to reuse the same host key for all your VM instances, or is it better to reuse keys only for instances with the same name? For example, db-1 will always have the same host key no matter how many times it gets recreated, but db-2 will have a different one than db-1.

My answer:

As part of your instance creation process, you should ssh-keyscan the newly created VM instance to obtain its ssh host keys. You can then distribute these to wherever they are needed.

View the full question and any other answers on Server Fault.
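As an added illustration of the answer above (example code written for this page, not code from the Server Fault answer or from any cloud provider's tooling): a small POSIX shell script that runs ssh-keyscan against a freshly created instance, merges the result into a dedicated known_hosts file (removing any stale entry left by the previous incarnation of the same host name), and filters out malformed or legacy key lines. The host names (db-1, db-2), file paths and key material are constructed placeholders. The network step is isolated in its own function so the merge logic can be exercised offline on the constructed sample data.

```shell
#!/bin/sh
# Added example (not the Server Fault answer's code): capture a new VM's host
# keys with ssh-keyscan right after creation, pin them into a dedicated
# known_hosts file, and point ssh/Ansible at that file instead of turning
# host key checking off. Host names, paths and key material are constructed.

# Network step, kept separate so the text handling below can be tested offline.
# The scan trusts whatever answers at that moment, so run it from the
# provisioning host immediately after the instance is created.
scan_host_keys() {
    host=$1; out=$2
    # -T bounds the wait per host; -t restricts the key types we accept.
    ssh-keyscan -T 10 -t ed25519,ecdsa,rsa "$host" > "$out" 2>/dev/null
}

# Replace any stale entries for a host with the freshly scanned lines.
# Done with awk so it does not depend on OpenSSH (ssh-keygen -R) being present.
# Only plain (unhashed) host fields are matched; hashed |1| lines are kept as-is.
pin_host_keys() {
    host=$1; scan=$2; kh=$3
    [ -f "$kh" ] || : > "$kh"
    tmp="$kh.tmp"
    # 1. Drop lines whose host field (possibly a comma-separated list) names this host.
    awk -v h="$host" '
        { n = split($1, names, ","); keep = 1
          for (i = 1; i <= n; i++) if (names[i] == h) keep = 0
          if (keep) print }' "$kh" > "$tmp"
    # 2. Append well-formed "host type base64" lines for this host, keeping
    #    only modern key types (anything else, e.g. ssh-dss, is discarded).
    awk -v h="$host" '
        $1 == h && NF >= 3 && $3 ~ "^[A-Za-z0-9+/=]+$" &&
        ($2 == "ssh-ed25519" || $2 == "ssh-rsa" || $2 ~ "^ecdsa-sha2-") {
            print $1, $2, $3 }' "$scan" >> "$tmp"
    mv "$tmp" "$kh"
}

# Number of key lines pinned for a host (used to check the result).
pinned_key_count() {
    awk -v h="$1" '$1 == h { c++ } END { print c + 0 }' "$2"
}

# Constructed sample data: a known_hosts holding a stale key for db-1 from a
# previous incarnation plus an unrelated db-2 entry, and a scan of the new db-1.
write_sample_inputs() {
    dir=$1
    printf '%s\n' \
      'db-1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAISTALEKEYFROMOLDINSTANCE0000000000' \
      'db-2 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKEEPMEOTHERHOST00000000000000000' \
      > "$dir/known_hosts"
    printf '%s\n' \
      'db-1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINEWINSTANCEKEY0000000000000000000' \
      'db-1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQNEWINSTANCERSAKEY0000000000000' \
      'db-1 ssh-dss AAAAB3NzaC1kc3MAAAAlegacykeyshouldbedropped' \
      > "$dir/scan.txt"
}

# Run `sh pin_host_keys.sh demo` to see the merge on the sample data.
if [ "${1:-}" = demo ]; then
    d=$(mktemp -d)
    write_sample_inputs "$d"
    pin_host_keys db-1 "$d/scan.txt" "$d/known_hosts"
    cat "$d/known_hosts"
    rm -r "$d"
fi
```

In a real creation pipeline the sequence is `scan_host_keys db-1 scan.txt` followed by `pin_host_keys db-1 scan.txt /path/to/known_hosts`, after which clients connect with `ssh -o UserKnownHostsFile=/path/to/known_hosts -o StrictHostKeyChecking=yes user@db-1` (for Ansible the same options can be passed through `ansible_ssh_common_args`). Because the scan is a trust-on-first-use step, where the cloud console log or metadata exposes the instance's generated host keys or fingerprints, compare the scanned keys against that out-of-band copy before pinning them.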

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.