SSH is a service which most of system administrators use for remote administration of servers. When you install a fresh system, then at the start of the ssh service, it generates the host keys for your system which later on used for authentication. But if due to some reason you need to generate the host keys, then the process is explained below.

Why to generate Host keys:

  • If you are getting this error when trying to start the ssh service:
  • Could not load host key: /etc/ssh/ssh_host_key
    Could not load host key: /etc/ssh/ssh_host_dsa_key
    Disabling protocol version 1. Could not load host key
    Disabling protocol version 2. Could not load host key

    **** Normally this happens when SSH keys don’t get generated on the startup.

  • If your system is compromised and your keys are stolen and you want to generate new keys.

There could be some other reasons also but if you are reading this article then i believe you already have some reason with you.

Generating Host Keys:

To re-generate your host keys use this command:

# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key

This will re-generate the dsa keys for your host. To re-generate the rsa keys, use the same command like this:

# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

This will generate a key pair for your system.

Note: Administrators that have other users connecting to their sshd2 daemon should notify the users of the host-key change. If you do not, the users will receive a warning the next time they connect, because the host key the users have saved on their disk for your server does not match the host key now being provided by your sshd2 daemon. The users may not know how to respond to this error.


If you enjoyed this post, make sure you subscribe to my RSS feed!!!!