From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 4909C67C05 for ; Wed, 13 Jan 2021 17:41:08 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 3D2AE13D76 for ; Wed, 13 Jan 2021 17:41:08 +0100 (CET) Received: from vizir.gilouweb.com (vizir.gilouweb.com [IPv6:2001:41d0:d:2147::100]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5BC5813D6A for ; Wed, 13 Jan 2021 17:41:04 +0100 (CET) Received: from localhost (localhost.localdomain [127.0.0.1]) by vizir.gilouweb.com (Postfix) with ESMTP id 1F92E82B1B2 for ; Wed, 13 Jan 2021 17:40:58 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gilouweb.com; s=mail; t=1610556058; bh=sSwG17x9ZdH58y0LaWbBn2ajJ8nXJs3rC0ThzORid3c=; h=Subject:To:References:From:Date:In-Reply-To:From; b=22oEa2JIDuHpJzl8ULxymDON+auMetxir3XSJxBGu4UcSCnxSUJ2yHp8jcVKtN0jH xkRY9wjavnUoZaXfLG0Bd0ZeTcK2tCh0wDAicVcVBwsmRm6NZT+MPXQ+BPuaz2apde oEKdtuF4adl6Khhym4xhqO+Io0iv0Zs8C2E/jMOnBGx/LglQ2sDnbpMy/52VXnNLw6 K21VzNeW711x5SNRidfYLZtvrSKjuAVMep1aRHALGshx58nJiOmhBIpAG3QTkPL0nb h1k6wcbQ/Lrov6sTNTONkcPfWOjrCD9QHT1S8kgYCODzdKiGdYT+kBdX+1Lq8ritWL F6h9409qZ00YQ== X-Virus-Scanned: Debian amavisd-new at vizir.gilouweb.com Received: from vizir.gilouweb.com ([127.0.0.1]) by localhost (vizir.gilouweb.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UuP1-VLAvMGG for ; Wed, 13 Jan 2021 17:40:48 +0100 (CET) Received: from [IPv6:2001:910:102d::3ca] (unknown [IPv6:2001:910:102d::3ca]) by vizir.gilouweb.com (Postfix) with ESMTPSA id 4000782B0EE for ; Wed, 13 Jan 2021 17:40:48 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gilouweb.com; s=mail; t=1610556048; bh=sSwG17x9ZdH58y0LaWbBn2ajJ8nXJs3rC0ThzORid3c=; h=Subject:To:References:From:Date:In-Reply-To:From; b=dn+7gZMsNp+RiuZUWiJiS933V3GOiDUUGesgLlANRTkPfcKbeT+9Ry7fL9NbWDb3e D5dC6DaoFRVSY/9G4bK7MO02jGYi7ImYNI3Y7Wcr/I4DwCSpn6A/DolaoDtVjw3EKc TFzIJvQUtG2ywc3pwcNqqAnULbpDkyI/NhvRgbnsI8iCGdJha85n0THsVbshuIEbbO YEs9UQzpj6qIiyj0GP0pVnsq68vlmaxuydkx6mUEfxcJEfUI1L0vVchskfLtpwHChJ +G7WERbZrI3YZmWZGgJgBXoruL08TAfmwqIF6vkxVKbZSR8YQFrYIIIE5TUYboiTCS cwKdD87wcWC8Q== To: pve-devel@lists.proxmox.com References: <20210113090132.3889308-1-aderumier@odiso.com> From: Gilles Pietri Message-ID: Date: Wed, 13 Jan 2021 17:40:47 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20210113090132.3889308-1-aderumier@odiso.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.000 Adjusted score from AWL reputation of From: address DKIM_SIGNED 0.1 Message has a DKIM or DK signature, not necessarily valid DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's domain DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from domain NICE_REPLY_A -0.001 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [gilouweb.com] Subject: Re: [pve-devel] [PATCH qemu-server] cloud-init: don't regenerate ssh hosts key on config change when vm is running X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Jan 2021 16:41:08 -0000 Le 13/01/2021 à 10:01, Alexandre Derumier a écrit : > Currently, we always regenerate sshkeys on any config change. > > It should be done only before the first vm start, but currently can't known that. > > So, this patch only do it when vm is running. Hi, There is something indeed annoying with that module, as I always end up adding ssh_deletekeys: false in a provisionned server, but I like that it does it the first time indeed… Maybe we could let it be configurable though! Gilou