On 7 May 2017 at 02:33, Joshua Watt wrote: > +if [ ! -f "$NAME" ]; then > + echo " generating ssh $TYPE key..." > + ssh-keygen -q -f "${NAME}.tmp" -N '' -t $TYPE > + > + # Sync to ensure data is written to temp file before renaming > + sync > + > + # Move (Atomically rename) files > + # Rename the .pub file first, since the check that triggers a > + # key generation is based on the private file. > + mv -f "${NAME}.tmp.pub" "${NAME}.pub" > + sync > + > + mv -f "${NAME}.tmp" "${NAME}" > + sync > +fi > > All of these syncs seem quite enthusiastic, are they really needed? Writing the file to a temporary name and then mving it to the real name should result in either no file or a complete file in the event of power loss, surely? > diff --git a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service > b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service > index 148e6ad..af56404 100644 > --- a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service > +++ b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service > @@ -1,22 +1,14 @@ > [Unit] > Description=OpenSSH Key Generation > RequiresMountsFor=/var /run > -ConditionPathExists=!/var/run/ssh/ssh_host_rsa_key > -ConditionPathExists=!/var/run/ssh/ssh_host_dsa_key > -ConditionPathExists=!/var/run/ssh/ssh_host_ecdsa_key > -ConditionPathExists=!/var/run/ssh/ssh_host_ed25519_key > -ConditionPathExists=!/etc/ssh/ssh_host_rsa_key > -ConditionPathExists=!/etc/ssh/ssh_host_dsa_key > -ConditionPathExists=!/etc/ssh/ssh_host_ecdsa_key > -ConditionPathExists=!/etc/ssh/ssh_host_ed25519_key > Can you not continue to use ConditionPathExists to only run this unit if it needs to run? You can prepend the argument with | to make them logical OR instead of logical AND, if I'm reading this documentation correctly. Ross
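Review bot: In the key generation hunk, nothing removes a leftover "${NAME}.tmp" before ssh-keygen runs, and the exit status of ssh-keygen is not checked before the two mv calls. If power is lost after generation but before the final rename, the next boot still sees no "$NAME" and calls ssh-keygen on a path that already exists, where it asks before overwriting and has no terminal to answer on. Suggest an `rm -f "${NAME}.tmp" "${NAME}.tmp.pub"` ahead of the ssh-keygen line and skipping the renames when ssh-keygen fails. A smaller style point: `-t $TYPE` is unquoted while every use of NAME is quoted.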
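Review bot: In the sshdgenkeys.service hunk, dropping all eight ConditionPathExists= lines leaves the `[ ! -f "$NAME" ]` test in the script as the only guard, so the unit is started on every boot even when every key is present. The removed lines were ANDed, which explains why they could not express "any key missing"; the triggering form `ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key` (pipe first, then the exclamation mark) would. Note that the removed list covers both /var/run/ssh and /etc/ssh, so if only one of the two directories holds keys on a given image, an OR over both sets would always be true; the conditions would need to name only the directory actually in use. If the conditions stay out, a line in the commit message saying the script is now the sole check would help.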