Steve Brasier via FreeIPA-users wrote:
Hi. I'm looking at using `ipa-client-install --keytab` to
re-enrole a VM after reimaging. However this changes the host's ssh keys, which is
undesirable in this case.
Is there a "smart" way of preventing that? Or is this comment from 10 years ago
the correct way to reset it:
https://pagure.io/freeipa/issue/2655#comment-320195
Can you be a bit more specific? Does the static image already have ssh
keys? If they are the same what's the issue re-updating an existing entry?
I don't believe ipa-client-install is generating ssh keys (at least not
on purpose) so I'd check to see if that is happening elsewhere, e.g.
ensure they are right, then install the client, verify.
rob