Lost ssh_host* config files (etc/ssh) when I reuse my image (AMI)

0

Since when are the /etc/ssh/ssh_host_* files not included in the images?

Asked 1 year ago · 234 views
1 Answer
0

Hello,

The ‘ll’ command is commonly used to get a more detailed and comprehensive listing of files and directories in a directory. In this case, the /etc/ssh/ssh_host_* files in Linux are generated dynamically during the first start of an instance. These files have the host keys used for SSH server authentication. When you create an Amazon Machine Image (AMI) from an instance, these dynamically generated files are not included in the image.

The reason for this is that host keys are meant to be unique to each instance to ensure secure communication. Including pre-generated host keys in the image could lead to security vulnerabilities, as multiple instances would have the same keys.

When launching an instance from an AMI, the host keys are regenerated during the first boot of the new instance. This ensures that each instance has unique host keys for secure SSH connections. Therefore, it is expected behaviour that the /etc/ssh/ssh_host_* files are not included in the AMI and are generated when the instance is launched.

In case you neglect to remove the current SSH host key pairs from your public AMI, our regular auditing procedure will alert both you and all customers who have launched instances from your AMI about the potential security hazard. Following a brief grace period, we designate the AMI as private.

Please find below some documentation to guide you further:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/building-shared-amis.html#remove-ssh-host-key-pairs

Thank You.

AWS
Kenan_M
Answered 9 months ago
