Ssh passwordless login, what are key pairs already in /etc/ssh?

I am in the process of setting up passwordless ssh login and out of curiosity checked out the /etc/ssh directory in a brand new clean installation of OSMC.
I was surprised to see three sets of key pairs in addition to the usual ssh_config. What are these for and how were they created?

Since they are in an otherwise virgin installation does that mean somebody else on the wan can access my system unknown to me because the keys were not created on my system?


They’re created on first boot, by your device.

I suspect the directory looks like this:

root@VERO4K-DEVEL:/home/osmc# ls /etc/ssh 
moduli			ssh_host_ed25519_key	  sshd_config
ssh_config  sshd_config.distributed
ssh_host_ecdsa_key	ssh_host_rsa_key

See osmc/package/ftr-osmc at master · osmc/osmc · GitHub

Check other Linux systems if you’re not sure

It is possible you got hacked

I found a massive vulnerability in OSMC

Absolutely not.
As a security researcher, if you genuinely believe there is such an issue you should practice responsible disclosure.


1 Like

If you want to setup key based ssh login I hope you have read up on the concept and understood that the keys for authentication are stored for each user in their own home directory (in this case /home/osmc/.ssh/authorized_keys)

Keys in /etc/sshd/ are hosts keys that are required to setup the encrypted connection regardless if you are using passwords or keys for authentication.

1 Like

Brilliant and thanks to all. I am somewhat assured on security and worked out the keys were generated on first boot. I was having problems with ownership having removed the offending key with ssh-keygen because the new file was owned by root. I have it sorted now.
Regarding security my remaining concern is that downloaded add-ons may make me vulnerable. Am now installing VPN.