dropbear and new host keys?

Joakim Tjernlund Joakim.Tjernlund at infinera.com
Thu Dec 12 21:56:17 AWST 2019


On Thu, 2019-12-12 at 13:31 +0000, Geoff Winkless wrote:
> 
> On Wed, 11 Dec 2019 at 17:00, Joakim Tjernlund
> <Joakim.Tjernlund at infinera.com> wrote:
> > In out case we cannot just restart dropbear and rebooting just for new keys is not an option either.
> > Could dropbear gain automatic reread of keys ?
> 
> You know if you kill the parent process the child processes keep
> running? So you can restart it without disconnecting everyone.

Yes, but in our case dropbear start/stop script is connected with several other daemons, but yes it can be
worked around.

The bigger issue here is why not reread keys at every new session? That seems to like the
right thing to do in any case? 

 Jocke


More information about the Dropbear mailing list