Description
problem
In developer mode, when the CloudStack database contains no SSH (public/private) keys, the management server (MS) automatically generates a new public/private key pair. This happens even when valid key files are already present at the expected filesystem path (/var/root/.ssh/). This behavior is problematic because:
It overrides pre-existing keys that a developer may have deliberately placed there.
It forces the ECDSA algorithm for key generation, which may not be suitable for all environments. Some users need to maintain compatibility with legacy systems (RSA) or use their own pre-provisioned keys for policy and security reasons.
The automatic generation offers no option to default to, or use, the existing keys, which reduces configuration flexibility.
versions
CloudStack version: 4.20.2.0, main
The steps to reproduce the bug
- Set up a CloudStack management server in developer mode.
- Place custom public/private key files (e.g., generated with the RSA algorithm) in the designated key directory, typically /var/root/.ssh.
- Start the CloudStack Management Server with no SSH keys in the database, i.e. after removing the key rows from the configuration table:
    delete from configuration where name='ssh.publickey';
    delete from configuration where name='ssh.privatekey';
- Observe that CloudStack ignores the pre-placed key files and generates new ECDSA keys instead of using them.
Expected Result
CloudStack should first check the configured key path for existing key files. If valid keys are found, it should use them instead of generating new ones. The system should only generate new keys if no key files are present.
Actual Result
CloudStack unconditionally generates a new ECDSA key pair when no keys are found in the database, disregarding any pre-existing key files at that path.
What to do about it?
CloudStack should first check the configured key path for existing key files. If valid keys are found, it should use them instead of generating new ones. The system should only generate new keys if no key files are present.
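The lookup order proposed above (database keys first, then valid key files on disk, and generation only as a last resort), written out as an added Python illustration that is not CloudStack code. It assumes the key files are named id_rsa / id_ecdsa / id_ed25519 with a matching .pub beside them, treats a private key that is group- or world-accessible as unusable, and checks that a public key's base64 blob really declares the type given in its first field; the key material in demo() is constructed and not a real key.

```python
import base64, os, stat, struct, tempfile
from pathlib import Path

# Key types a pre-provisioned file may carry; RSA is the legacy case from the report.
KNOWN_TYPES = {"ssh-rsa", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ssh-ed25519"}

def public_key_type(line):
    """Return the key type if line is a well-formed OpenSSH public key, else None.
    The base64 blob must begin with a length-prefixed string equal to the declared type."""
    parts = line.split()
    if len(parts) < 2 or parts[0] not in KNOWN_TYPES:
        return None
    try:
        blob = base64.b64decode(parts[1], validate=True)
        (n,) = struct.unpack(">I", blob[:4])
        declared = blob[4:4 + n].decode("ascii")
    except (ValueError, struct.error):
        return None
    return parts[0] if declared == parts[0] else None

def private_key_usable(path):
    """Accept only a PEM-framed private key file that is not group/world accessible."""
    if not path.is_file() or path.stat().st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        return False
    first = path.read_text(errors="replace").lstrip().split("\n", 1)[0]
    return first.startswith("-----BEGIN ") and first.endswith("PRIVATE KEY-----")

def resolve_keys(key_dir, db_keys, generate):
    """DB keys win; then a valid pair on disk; only then generate. Returns (pub, priv, source)."""
    if db_keys:
        return db_keys[0], db_keys[1], "database"
    for name in ("id_rsa", "id_ecdsa", "id_ed25519"):  # assumed file names, not CloudStack's
        priv, pub = Path(key_dir, name), Path(key_dir, name + ".pub")
        if pub.is_file() and private_key_usable(priv):
            pub_text = pub.read_text().strip()
            if public_key_type(pub_text):
                return pub_text, priv.read_text(), "file:" + name
    pub_text, priv_text = generate()
    return pub_text, priv_text, "generated"

def demo():
    """Exercise the decision with constructed key files (not real keys); returns the chosen sources."""
    blob = struct.pack(">I", 7) + b"ssh-rsa" + struct.pack(">I", 3) + b"\x01\x00\x01" + struct.pack(">I", 1) + b"\x02"
    pub = "ssh-rsa " + base64.b64encode(blob).decode() + " root@constructed"
    priv = "-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED-NOT-A-REAL-KEY\n-----END RSA PRIVATE KEY-----\n"
    gen = lambda: ("ecdsa-sha2-nistp256 GENERATED", "GENERATED-PRIVATE")  # stand-in for ECDSA generation
    with tempfile.TemporaryDirectory() as d:
        Path(d, "id_rsa.pub").write_text(pub + "\n")
        Path(d, "id_rsa").write_text(priv)
        os.chmod(Path(d, "id_rsa"), 0o600)
        from_file = resolve_keys(d, None, gen)[2]
        from_db = resolve_keys(d, ("db-pub", "db-priv"), gen)[2]
        os.chmod(Path(d, "id_rsa"), 0o644)  # loose permissions: the pair is treated as unusable
        loose = resolve_keys(d, None, gen)[2]
        empty = resolve_keys(tempfile.mkdtemp(dir=d), None, gen)[2]
    return {"file": from_file, "db": from_db, "loose": loose, "empty": empty}
```

Note that the permission check makes the fallback explicit: a pre-placed private key that is readable by other users is skipped rather than silently adopted, so an operator sees a generated key and can investigate instead of relying on an exposed one.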