If you’ve ever cloned a production Linux VM and watched both the original and the clone fight over the same static IP, share the same SSH host keys, or mount the wrong filesystems, you know that’s a lie.
preserve_hostname: false manage_etc_hosts: true ssh_pwauth: false disable_root: false Here is the battle-tested, distro-agnostic flow for Linux sysprep: Step 1: Provision a "clean" VM (not container) Build a VM exactly how you want your golden image: packages, configs, users, hardening. Step 2: Run the Generalization Script Save this as /usr/local/sbin/sysprep-linux.sh :
On Linux, there is no sysprep command. There is no single magic incantation. And that leads to a dangerous misconception: "Linux doesn't need sysprep. Just clone the disk."
#!/bin/bash set -e echo "=== Linux Sysprep - Generalizing System ===" find /var/log -type f -exec truncate -s 0 {} ; rm -rf /var/cache/* /tmp/* /var/tmp/* 2. Remove unique IDs echo -n > /etc/machine-id rm -f /var/lib/systemd/random-seed 3. Remove SSH host keys rm -f /etc/ssh/ssh_host_* 4. Remove network interface persistence rm -f /etc/udev/rules.d/70-persistent-net.rules rm -f /etc/network/interfaces.d/50-cloud-init.cfg # if using netplan 5. Clean package manager cache apt clean || yum clean all || dnf clean all 6. Remove shell history unset HISTFILE history -c find /home -name ".*history" -exec rm -f {} ; rm -f /root/.bash_history 7. Prepare for first-boot provisioning Ensure cloud-init is installed and enabled systemctl enable cloud-init 8. Remove udev hardware database (forces re-detection) rm -f /etc/udev/hwdb.bin
If you’ve ever cloned a production Linux VM and watched both the original and the clone fight over the same static IP, share the same SSH host keys, or mount the wrong filesystems, you know that’s a lie.
preserve_hostname: false manage_etc_hosts: true ssh_pwauth: false disable_root: false Here is the battle-tested, distro-agnostic flow for Linux sysprep: Step 1: Provision a "clean" VM (not container) Build a VM exactly how you want your golden image: packages, configs, users, hardening. Step 2: Run the Generalization Script Save this as /usr/local/sbin/sysprep-linux.sh : linux sysprep
On Linux, there is no sysprep command. There is no single magic incantation. And that leads to a dangerous misconception: "Linux doesn't need sysprep. Just clone the disk." If you’ve ever cloned a production Linux VM
#!/bin/bash set -e echo "=== Linux Sysprep - Generalizing System ===" find /var/log -type f -exec truncate -s 0 {} ; rm -rf /var/cache/* /tmp/* /var/tmp/* 2. Remove unique IDs echo -n > /etc/machine-id rm -f /var/lib/systemd/random-seed 3. Remove SSH host keys rm -f /etc/ssh/ssh_host_* 4. Remove network interface persistence rm -f /etc/udev/rules.d/70-persistent-net.rules rm -f /etc/network/interfaces.d/50-cloud-init.cfg # if using netplan 5. Clean package manager cache apt clean || yum clean all || dnf clean all 6. Remove shell history unset HISTFILE history -c find /home -name ".*history" -exec rm -f {} ; rm -f /root/.bash_history 7. Prepare for first-boot provisioning Ensure cloud-init is installed and enabled systemctl enable cloud-init 8. Remove udev hardware database (forces re-detection) rm -f /etc/udev/hwdb.bin There is no single magic incantation
