A major security flaw in how systems are deployed is presented by the use of default or factory-installed keys and certificates. While these sorts of flaw are a boon for us as penetration testers, we need to ensure we do not fall victim to the same exploits that our targets may fall victim to by our hand. Linux distributions (as well as most any manufactured device) use factory keys by default. We must change our own key to ensure we do not become the prey to any investigator or adversary with forensics knowledge can and will access our data to determine who planted the Raspberry Pi. Let's not make it easy for them. We can do this by backing up the old keys and then establishing new ones as follows:
We'll make a new directory and then move the old keys to it for storage:
cd /etc/ssh mkdir backup_keys mv ssh_host_* backup_keys
Then we can generate new keys for SSH and all dependent services by typing
dpkg-reconfigure openssh-server
, as seen in the following...