We have received complaints regarding their SSH Host keys being erased despite that they have already regenerated their SSH Host key before
AOSA-2017-0034 was posted.
This is our fault for not checking on vulnerable host keys by checksum - instead, we chose to regenerate the keys regardless. But here’s the way to workaround this issue, issue this command before you upgrade your system (given that your
openssh package has version older than
# touch /usr/share/doc/openssh/AOSA-2017-0034
Again, we apologize for this incident.