authorScott Moser <smoser@ubuntu.com>2011-08-15 16:39:21 -0500
committerScott Moser <smoser@ubuntu.com>2011-08-15 16:39:21 -0500
commit91cf9a3fbab9fcb005c0bfea50811589243781d5 (patch)
tree7e6398d7cdaeaeeee4665d7447322ae6abd94ad4
parent4aceeea084d00c2f5453b58518317953a0f552c6 (diff)
downloadvyos-cloud-init-91cf9a3fbab9fcb005c0bfea50811589243781d5.tar.gz
vyos-cloud-init-91cf9a3fbab9fcb005c0bfea50811589243781d5.zip
add awareness of ecdsa keys.
-rw-r--r--cloudinit/CloudConfig/cc_phone_home.py5
-rw-r--r--cloudinit/CloudConfig/cc_ssh.py7
-rw-r--r--doc/examples/cloud-config.txt3
3 files changed, 11 insertions, 4 deletions
diff --git a/cloudinit/CloudConfig/cc_phone_home.py b/cloudinit/CloudConfig/cc_phone_home.py
index be6abfa8..f291e1d4 100644
--- a/cloudinit/CloudConfig/cc_phone_home.py
+++ b/cloudinit/CloudConfig/cc_phone_home.py
@@ -20,7 +20,7 @@ import cloudinit.util as util
from time import sleep
frequency = per_instance
-post_list_all = [ 'pub_key_dsa', 'pub_key_rsa', 'instance_id', 'hostname' ]
+post_list_all = [ 'pub_key_dsa', 'pub_key_rsa', 'pub_key_ecdsa', 'instance_id', 'hostname' ]
# phone_home:
# url: http://my.foo.bar/$INSTANCE/
@@ -29,7 +29,7 @@ post_list_all = [ 'pub_key_dsa', 'pub_key_rsa', 'instance_id', 'hostname' ]
#
# phone_home:
# url: http://my.foo.bar/$INSTANCE_ID/
-# post: [ pub_key_dsa, pub_key_rsa, instance_id
+# post: [ pub_key_dsa, pub_key_rsa, pub_key_ecdsa, instance_id
#
def handle(name,cfg,cloud,log,args):
if len(args) != 0:
@@ -61,6 +61,7 @@ def handle(name,cfg,cloud,log,args):
pubkeys = {
'pub_key_dsa': '/etc/ssh/ssh_host_dsa_key.pub',
'pub_key_rsa': '/etc/ssh/ssh_host_rsa_key.pub',
+ 'pub_key_ecdsa': '/etc/ssh/ssh_host_ecdsa_key.pub',
}
for n, path in pubkeys.iteritems():
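Review bot: The added `'pub_key_ecdsa'` entry makes the loop below read `/etc/ssh/ssh_host_ecdsa_key.pub` on every instance, but that file only exists where the installed ssh-keygen could create an ECDSA host key. The loop body is outside this hunk, so it is not visible whether a missing file is tolerated or aborts the whole post. If it is not already handled there, skip and log the missing key so that the dsa and rsa keys are still reported. A short comment on the dict would also help, for example `# ecdsa host key may be absent on older OpenSSH; missing files are skipped`.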
diff --git a/cloudinit/CloudConfig/cc_ssh.py b/cloudinit/CloudConfig/cc_ssh.py
index ee03de22..66587217 100644
--- a/cloudinit/CloudConfig/cc_ssh.py
+++ b/cloudinit/CloudConfig/cc_ssh.py
@@ -41,13 +41,17 @@ def handle(name,cfg,cloud,log,args):
"rsa_public" : ("/etc/ssh/ssh_host_rsa_key.pub", 0644),
"dsa_private" : ("/etc/ssh/ssh_host_dsa_key", 0600),
"dsa_public" : ("/etc/ssh/ssh_host_dsa_key.pub", 0644)
+ "ecdsa_private" : ("/etc/ssh/ssh_host_ecdsa_key", 0600),
+ "ecdsa_public" : ("/etc/ssh/ssh_host_ecdsa_key.pub", 0644)
}
for key,val in cfg["ssh_keys"].items():
if key2file.has_key(key):
util.write_file(key2file[key][0],val,key2file[key][1])
- priv2pub = { 'rsa_private':'rsa_public', 'dsa_private':'dsa_public' }
+ priv2pub = { 'rsa_private':'rsa_public', 'dsa_private':'dsa_public',
+ 'ecdsa_private': 'ecdsa_public', }
+
cmd = 'o=$(ssh-keygen -yf "%s") && echo "$o" root@localhost > "%s"'
for priv,pub in priv2pub.iteritems():
if pub in cfg['ssh_keys'] or not priv in cfg['ssh_keys']: continue
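Review bot: The unchanged `"dsa_public"` entry still ends without a comma, so the two `ecdsa_*` entries added directly after it turn the `key2file` literal into a syntax error and `cc_ssh.py` no longer compiles. None of the host-key writing or generation in this module can run until that is fixed. The line should read `"dsa_public" : ("/etc/ssh/ssh_host_dsa_key.pub", 0644),`. Giving the new `"ecdsa_public"` entry a trailing comma as well would keep the next key type from repeating the mistake. The body of `handle` starts and ends outside this hunk.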
@@ -58,6 +62,7 @@ def handle(name,cfg,cloud,log,args):
# if not, generate them
genkeys ='ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ""; '
genkeys+='ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N ""; '
+ genkeys+='ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -t ecdsa -N ""; '
subprocess.call(('sh', '-c', "{ %s } </dev/null" % (genkeys)))
try:
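Review bot: The result of `subprocess.call` is discarded, so a failed `ssh-keygen -t ecdsa` goes unnoticed, for instance on an OpenSSH build without ECDSA support. Because the commands are joined with `;`, the shell's exit status is now that of the ecdsa command alone, and a failure in the rsa or dsa step would still be hidden. Consider capturing it, e.g. `rc = subprocess.call(('sh', '-c', "{ %s } </dev/null" % (genkeys)))` followed by `if rc != 0: log.warn("host key generation exited %d" % rc)`. Running each key type as its own call would let a missing host key be attributed to the right type. The condition guarding this block lies outside the hunk.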
diff --git a/doc/examples/cloud-config.txt b/doc/examples/cloud-config.txt
index 9f3add0f..981fadae 100644
--- a/doc/examples/cloud-config.txt
+++ b/doc/examples/cloud-config.txt
@@ -135,6 +135,7 @@ ssh_authorized_keys:
# Send pre-generated ssh private keys to the server
# If these are present, they will be written to /etc/ssh and
# new random keys will not be generated
+# in addition to 'rsa' and 'dsa' as shown below, 'ecdsa' is also supported
ssh_keys:
rsa_private: |
-----BEGIN RSA PRIVATE KEY-----
@@ -391,7 +392,7 @@ output:
#
phone_home:
url: http://my.example.com/$INSTANCE_ID/
- post: [ pub_key_dsa, pub_key_rsa, instance_id ]
+ post: [ pub_key_dsa, pub_key_rsa, pub_key_ecdsa, instance_id ]
# timezone: set the timezone for this instance
# the value of 'timezone' must exist in /usr/share/zoneinfo