13
2
I am playing around with salt and what my problem is launching instance from Amazon EC2 AMI results minion keys being the same. How do I refresh individual minion to get it's new identity (key)?
James Lin
Posted 2014-01-02T04:48:13.523
Reputation: 233
20
Stop the minion service.
service salt-minion stop
Delete old identity
rm /etc/salt/pki/minion/minion.pem
rm /etc/salt/pki/minion/minion.pub
cat /dev/null > /etc/salt/minion_id
Make sure salt will begin on startup
chkconfig salt-minion on
Create your a new AMI
user325017
Posted 2014-01-02T04:48:13.523
Reputation: 216
4
Give the following command a try:
sudo salt 'name_of_host_whose_keys_you_wish_to_regenerate' saltutil.regen_keys
darnold0714
Posted 2014-01-02T04:48:13.523
Reputation: 41
0
Based on user325017's answer.
I adapted this for Ubuntu Bionic Beaver 18.04, since it has systemd:
#!/usr/bin/env bash
systemctl stop salt-minion
rm /etc/salt/pki/minion/minion.pem
rm /etc/salt/pki/minion/minion.pub
cat /dev/null > /etc/salt/minion_id
systemctl enable salt-minion
systemctl start salt-minion
sdkks
Posted 2014-01-02T04:48:13.523
Reputation: 189
-1
Following @user325017 answer for Windows, tweak step 2 with:
Remove C:\salt\conf\pki\minion\minion.pem Remove C:\salt\conf\pki\minion\minion.pub Edit c:\salt\conf\minion, and update the line with "id:"
raider33
Posted 2014-01-02T04:48:13.523
Reputation: 99
This should be a comment to the answer you're referring to. – zagrimsan – 2016-08-16T11:58:38.783
What if I need to generate keys bc the salt 'broadcast' doesn't work yet? – Phlip – 2014-10-04T13:31:49.837