From a177947f41a187ea0c8ddda3bfb037fd3d0806d8 Mon Sep 17 00:00:00 2001 From: Scott Moser Date: Fri, 22 Jan 2010 10:05:50 -0500 Subject: re-work generation of keys. be more sure that ssh service will be running --- ec2init/CloudConfig.py | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) (limited to 'ec2init/CloudConfig.py') diff --git a/ec2init/CloudConfig.py b/ec2init/CloudConfig.py index 8a889a2b..96273e70 100644 --- a/ec2init/CloudConfig.py +++ b/ec2init/CloudConfig.py @@ -22,6 +22,7 @@ import ec2init import ec2init.util as util import subprocess import os +import glob per_instance="once-per-instance" @@ -144,6 +145,11 @@ class CloudConfig(): return(True) def h_config_ssh(self,name,args): + # remove the static keys from the pristine image + for f in glob.glob("/etc/ssh/ssh_host_*_key*"): + try: os.unlink(f) + except: pass + if False: # if there are keys in cloud-config, use them # TODO: need to get keys from cloud-config if present @@ -151,10 +157,15 @@ class CloudConfig(): pass else: # if not, generate them - clean_and_gen='rm -f /etc/ssh/ssh_host_*_key*; ' + \ - 'ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ""; ' + \ - 'ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t rsa -N ""; ' - subprocess.call(('sh', '-c', clean_and_gen)) + genkeys ='ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ""; ' + genkeys+='ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N ""; ' + subprocess.call(('sh', '-c', "{ %s }