Azure Container Instance SFTP - host key changed

JC 1 Reputation point
2020-08-08T15:39:28.143+00:00

Hello,
We created an Azure Container Instance and the corresponding file storage to be used as SFTP. We did this by the custom deployment template (uploaded).
We were able to connect and upload files not problem. However, after a few days we noticed the host key was changed (probably after Azure did some regular maintenance). See screenshot uploaded.
Can anyone guide us how to make the host key from changing? Can the custom deployment template be modified to specify a constant host key?
Thanks!
[16523-azure-sftp-deployment-template.pdf][1]

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,428 questions
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. CMD73 6 Reputation points
    2020-12-15T21:39:47.193+00:00

    @JC I had similar struggles after finding and deploying the Microsoft template here, and it was working great...then the container reset. The SSH keys on the atmoz/sftp image reset each time (as it probably should) so the automation built around it kept causing the transfers to fail with the Man In The Middle warning about the key change on the SFTP client.

    To get around it, I created two additional file shares in the storage account: one to store the keys, and one to store a bash script. The keys I grabbed from the /etc/ssh directory and put them in the first file share, which I mounted to /etc/sftpkeys in the template. Then I mounted the share with the bash script to /etc/sftp.d, which is a folder that the atmoz/sftp image will run any script after startup (see the atmoz docs here. The bash script just needs to do a copy from the sftpkeys folder to ssh, named something like copykeys.sh: cp /etc/sftpkeys/ssh_host_* /etc/ssh

    This has done the trick after several restart tests to keep the keys intact. It avoids having to build your own fork of the atmoz/sftp image. Hope it works for you too.

    Chad

    1 person found this answer helpful.
  2. Sumarigo-MSFT 43,561 Reputation points Microsoft Employee
    2020-08-10T07:56:58.003+00:00

    @JC For clarification: Have you referred to the suggestion mentioned in this GitHub article and let me know the status if you find any difficulties. I would like to work closer on this issue .

    Hope this helps!

    ------------------------------------------------------------------------------------------------------------------------------------------------------

    Please don’t forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

  3. Charbel Nemnom 0 Reputation points
    2023-01-18T06:36:52.59+00:00

    Hello JC and Rahul,

    You can find the step-by-step instructions in detail in this guide on how to prevent SFTP Host Key from getting changed.

    Hope this helps!

    Best,

    -Charbel

    0 comments