option to disable regeneration of ssh private key #772

Closed
gowenpotato opened this issue Jun 18, 2024 · 3 comments

@gowenpotato

Description

If you build a VM with a private key already for SSH, there is no option to disable the recreation of the private key that I can find.

Solution

I'd like a variable that enables the ability to disable the regeneration of the private key, such as:

ssh_server_create_keypair

  • default: true
  • Description: true to specify generation of private keys if they already exist, false to specify no regeneration of private keys if none exist. Will generate keypair regardless if they don't already exist
  • Type: bool
  • Required: no

Alternatives

I don't know any alternatives

Additional information

...

@rndmh3ro
Member

I'm not really sure what keys you mean. The hostkeys here?

@gowenpotato
Author

It would be the "Replace default 2048 bits RSA keypair" task

here

Sorry if there is a way to do this already - I'm not a dev and I have looked through all the options in the documentation and can't find anything that looks like it's applicable

@rndmh3ro
Member

Then you can use the variable ssh_host_key_files, e.g. like this:

- hosts: localhost
  roles:
    - ssh_hardening
  vars:
    # Existing host keys for the role to use instead of regenerating them
    ssh_host_key_files:
      - /path/to/your/ssh_key

This way the role will use the existing, defined ssh-keys and not regenerate them.

@schurzi schurzi closed this as completed Jun 24, 2024
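
A pre-flight check for keys you plan to list in ssh_host_key_files, as an added example (not part of this thread or the role's own code): it parses `ssh-keygen -l` output and flags DSA keys and RSA keys below a minimum size. The function names and the 4096-bit `MIN_RSA_BITS` threshold are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit existing SSH host keys before reusing them.
# MIN_RSA_BITS is an assumed policy value for this example, not read from the role.
MIN_RSA_BITS="${MIN_RSA_BITS:-4096}"

# classify_key_line LINE
# LINE is one line of `ssh-keygen -l -f <key>` output, of the form
#   <bits> <fingerprint> <comment...> (<TYPE>)
# Prints "ok", "weak: <reason>" or "unparsable"; returns 0, 1 or 2.
classify_key_line() {
    line=$1
    bits=${line%% *}      # first field: key size in bits
    type=${line##*\(}     # text after the last "(" ...
    type=${type%\)}       # ... without the closing ")"
    case $bits in
        ''|*[!0-9]*) echo "unparsable"; return 2 ;;
    esac
    case $type in
        RSA)
            if [ "$bits" -lt "$MIN_RSA_BITS" ]; then
                echo "weak: RSA $bits < $MIN_RSA_BITS bits"; return 1
            fi ;;
        DSA) echo "weak: DSA is deprecated"; return 1 ;;
        ED25519|ECDSA) ;;
        *) echo "unparsable"; return 2 ;;
    esac
    echo "ok"
}

# audit_host_keys FILE...
# Runs ssh-keygen on each key path and prints one verdict per file.
# Returns non-zero if any key is unreadable, unparsable or weak.
audit_host_keys() {
    rc=0
    for f in "$@"; do
        if ! line=$(ssh-keygen -l -f "$f" 2>/dev/null); then
            echo "$f: unreadable"; rc=1; continue
        fi
        verdict=$(classify_key_line "$line") || rc=1
        echo "$f: $verdict"
    done
    return $rc
}

# When invoked with key paths as arguments, audit them.
if [ "$#" -gt 0 ]; then audit_host_keys "$@"; fi
```

Run it with the same paths you intend to put in ssh_host_key_files; a non-zero exit means at least one key should be replaced rather than preserved.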