Skip to content

factory-reset: clear hostname and ssh keys, and reset motd banner #24522

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
anamehra wants to merge 3 commits into
base: master
Choose a base branch
from
Open

factory-reset: clear hostname and ssh keys, and reset motd banner #24522

anamehra wants to merge 3 commits into from

Conversation

@anamehra
Copy link
Contributor

@anamehra anamehra commented Nov 13, 2025
edited
Loading

Signed-off-by: Anand Mehra (anamehra) [email protected]

Why I did it

Factory reset does not clear ssh keys and hostname file.
Motd banner is not reset to factory default

Work item tracking
  • Microsoft ADO (number only):

How I did it

  • Remove SSH host keys (will be regenerated on fresh boot)
  • Remove hostname (will be set on fresh boot)
  • Add reset motd banner to factory default

How to verify it

Run reset-factory command

root@yy39-lc1:/home/admin# reset-factory 
Stop critical services
Reset banner/motd file
MOTD restored from factory default
Removing hostname (will be set on boot)
Call config-setup factory
Remove non-default users
Restore default users passwords
Remove SSH authorized keys from all users
Remove SSH host keys from /etc/ssh
Delete bash, python and vim history files
Delete any non-dotfiles in users home directories
Remove all docker containers except the database
Clear sonic directory
Clear warmboot folder
Delete reboot-cause files and symlinks
Delete tech-support files
Delete logs files
Error response from daemon: No such container: syncd0
Error response from daemon: No such container: syncd1
Error response from daemon: No such container: syncd2
Watchdog armed for 300 seconds
1
Error response from daemon: No such container: syncd0
Error response from daemon: No such container: syncd1
Error response from daemon: No such container: syncd2
fstrim: /mnt/obfl_mnt_dir: the discard operation is not supported
/var/log: 3.8 GiB (4040876032 bytes) trimmed on /dev/loop1
/host: 4.2 GiB (4512677888 bytes) trimmed on /dev/sda3
Watchdog armed for 300 seconds
Wed Nov 19 04:35:28 PM UTC 2025 Rebooting with platform x86_64-88_lc0_36fh-r0 specific tool ...
Connection to 10.175.46.7 closed by remote host.
Connection to 10.175.46.7 closed.


Debian GNU/Linux 12 localhost ttyS0

localhost login: admin
Password: 
Linux localhost 6.1.0-29-2-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.123-1 (2025-01-02) x86_64
You are on
  ____   ___  _   _ _  ____
 / ___| / _ \| \ | (_)/ ___|
 \___ \| | | |  \| | | |
  ___) | |_| | |\  | | |___
 |____/ \___/|_| \_|_|\____|

-- Software for Open Networking in the Cloud --

Unauthorized access and/or use are prohibited.
All access and/or use are subject to monitoring.

Help:    https://sonic-net.github.io/SONiC/

admin@localhost:~$ 

sonic@sonic-ucs-m6:~$ ssh [email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:xs5Wqa985LuxKxzuxwWuF4JX04atz+mCzrBvyv5b7l0.
Please contact your system administrator.
Add correct host key in /home/sonic/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/sonic/.ssh/known_hosts:41
  remove with:
  ssh-keygen -f "/home/sonic/.ssh/known_hosts" -R "10.175.46.7"
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
Debian GNU/Linux 12 \n \l

[email protected]: Permission denied (publickey,password).

Which release branch to backport (provide reason below if selected)

  • 202205
  • 202211
  • 202305
  • 202311
  • 202405
  • 202411
  • 202505

Tested branch (Please provide the tested image version)

Description for the changelog

Link to config_db schema for YANG module changes

A picture of a cute animal (not mandatory but encouraged)

@anamehra
factory-reset: clear hostname and ssh keys, and reset motd banner
bd6539d 
- Remove SSH host keys (will be regenerated on boot)
- Remove hostname (will be set on boot)
- Add reset motd banner to factory default
@anamehra anamehra requested a review from lguohan as a code owner November 13, 2025 07:28
@mssonicbld
Copy link
Collaborator

mssonicbld commented Nov 13, 2025

/azp run Azure.sonic-buildimage

@azure-pipelines
Copy link

azure-pipelines bot commented Nov 13, 2025

Azure Pipelines successfully started running 1 pipeline(s).

@mssonicbld
Copy link
Collaborator

mssonicbld commented Nov 19, 2025

/azp run Azure.sonic-buildimage

@azure-pipelines
Copy link

azure-pipelines bot commented Nov 19, 2025

Azure Pipelines successfully started running 1 pipeline(s).

@prgeor prgeor requested a review from qiluo-msft November 19, 2025 17:03
@prgeor
Copy link
Contributor

prgeor commented Nov 19, 2025

@qiluo-msft can you please review?

@mssonicbld
Copy link
Collaborator

mssonicbld commented Dec 3, 2025

/azp run Azure.sonic-buildimage

@azure-pipelines
Copy link

azure-pipelines bot commented Dec 3, 2025

Azure Pipelines successfully started running 1 pipeline(s).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lguohan lguohan Awaiting requested review from lguohan lguohan is a code owner

@qiluo-msft qiluo-msft Awaiting requested review from qiluo-msft

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@anamehra @mssonicbld @prgeor