ssh host keys on cloned virtual machines
Christoph Anton Mitterer
calestyo at scientia.org
Sat Feb 25 01:28:02 AEDT 2023
Keep in mind that when you clone the template image and replace/delete
the template image's SSH host keys (and the same applies to other such
key material as well) in the clone... then chances are good that the
data is nevertheless still accessible from within the clone (depending
on the used fs, whether DISCARD is used, IO patterns and so on).
If the subsequent owner of the clone is not fully trustworthy, and
extraction of the template image's keys might be possible and could be
used in subsequent attacks.
More information about the openssh-unix-dev