0

I have a cluster of CentOS servers and I want to regenerate the SSH host keys. There are a lot of them so I don't want to do:

   ssh root@servername "ssh-keygen -q -f /etc/ssh/ssh_host_key -N '' -t rsa" 

for each server because it would take a long time and I'd have to type y to overwrite and then add the new host key to my known hosts file. I have a list of IPs if that helps. I was thinking I could just do a for loop on them.

Any suggestions?

Johnny 3653925

1 Answer

2

It should be pretty easy to re-generate SSH host keys on a list of servers if you have a list of IPs. I would iterate through them and remove the existing host key and then restart the SSH server and it'll automatically re-generate them. Make sure you do && between the rm and sshd restart, otherwise you can get locked out.

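    #!/bin/bash

    for server in 1.2.3.4 1.2.3.5 1.2.3.6 1.2.3.7
    do
        echo "updating $server"
        # Drop the old host key from the local known_hosts file
        ssh-keygen -R "$server"
        # Delete the host keys; the sshd init script regenerates them on restart
        ssh -o StrictHostKeyChecking=no "root@$server" "rm -rf /etc/ssh/ssh_host_* && /etc/init.d/sshd restart"
        # Record the new RSA host key
        ssh-keyscan -t rsa "$server" >> ~/.ssh/known_hosts
    done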
jbrahy
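
A variant of the loop above, as an added example that is not part of the answer: the session that regenerates the keys is still verified against the old host key, and the new public keys are read back through that same session, so known_hosts is updated without `StrictHostKeyChecking=no` or an unauthenticated `ssh-keyscan`. The function names and the `KNOWN_HOSTS` variable are illustrative; it assumes each server's current key is already in known_hosts and that the init script recreates missing keys on restart, as the answer states.

```shell
#!/bin/bash
# Added example, not from the answer above.
# Assumptions: root SSH access and /etc/init.d/sshd as in the answer, and the
# servers' current (old) host keys are already present in known_hosts.
KNOWN_HOSTS="${KNOWN_HOSTS:-$HOME/.ssh/known_hosts}"

# Read the contents of the server's *_key.pub files on stdin and print
# known_hosts lines for host $1. Lines that are not a modern public key
# (init-script noise, DSA keys, comments) are skipped; fails if none is found.
pubkeys_to_known_hosts() {
    awk -v host="$1" '
        $1 ~ "^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521))$" &&
        $2 ~ "^[A-Za-z0-9+/]+=*$" { print host, $1, $2; ok = 1 }
        END { exit !ok }'
}

# Regenerate the host keys on server $1 and pin the new ones locally.
rotate_host_keys() {
    local server="$1" new
    # StrictHostKeyChecking=yes: the connection is authenticated with the OLD
    # host key, so the keys printed by cat come from the real server.
    new=$(ssh -o StrictHostKeyChecking=yes "root@$server" \
        "rm -f /etc/ssh/ssh_host_* && /etc/init.d/sshd restart >/dev/null && cat /etc/ssh/ssh_host_*_key.pub" \
        | pubkeys_to_known_hosts "$server") || return 1
    # Replace the old entry only after the new keys were obtained and parsed.
    ssh-keygen -R "$server" -f "$KNOWN_HOSTS" >/dev/null 2>&1
    printf '%s\n' "$new" >> "$KNOWN_HOSTS"
}

# Usage: ./rotate.sh 1.2.3.4 1.2.3.5 ...
for server in "$@"
do
    echo "updating $server"
    rotate_host_keys "$server" || echo "FAILED: $server (known_hosts left unchanged)" >&2
done
```

A server that is not yet in known_hosts, or whose key does not match, is reported as failed instead of being trusted blindly.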