Hi,
I am in the process of setting up passwordless ssh login and out of curiosity checked out the /etc/ssh directory in a brand new clean installation of OSMC.
I was surprised to see three sets of key pairs in addition to the usual ssh_config. What are these for and how were they created?
Since they are in an otherwise virgin installation does that mean somebody else on the wan can access my system unknown to me because the keys were not created on my system?
If you want to setup key based ssh login I hope you have read up on the concept and understood that the keys for authentication are stored for each user in their own home directory (in this case /home/osmc/.ssh/authorized_keys)
Keys in /etc/sshd/ are hosts keys that are required to setup the encrypted connection regardless if you are using passwords or keys for authentication.
Brilliant and thanks to all. I am somewhat assured on security and worked out the keys were generated on first boot. I was having problems with ownership having removed the offending key with ssh-keygen because the new file was owned by root. I have it sorted now.
Regarding security my remaining concern is that downloaded add-ons may make me vulnerable. Am now installing VPN.