diff options
author | Michael Felt <aixtools@gmail.com> | 2016-12-15 15:58:08 +0000 |
---|---|---|
committer | Scott Moser <smoser@brickies.net> | 2016-12-20 12:11:52 -0500 |
commit | 77092338c539627083d53f19bca84450216706af (patch) | |
tree | 21bd0b6b65cdc8b44694682fc3468652d66ac6f4 | |
parent | 071563198530008651ef12c6039241086c5b60ad (diff) | |
download | vyos-cloud-init-77092338c539627083d53f19bca84450216706af.tar.gz vyos-cloud-init-77092338c539627083d53f19bca84450216706af.zip |
Update the list of valid ssh keys.
Update ssh_util.py with latest list of keys (from openssh-7.3p1/sshkeys.c),
and remove extinct keys ending with "-v00@openssh.com"
Added keys:
rsa-sha2-256,
rsa-sha2-512,
ed25519,
ssh-ed25519,
ssh-ed25519-cert-v01@openssh.com
Removed both of the double entries for the keys:
ssh-dss-cert-v00@openssh.com
ssh-rsa-cert-v00@openssh.com
-rw-r--r-- | cloudinit/ssh_util.py | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/cloudinit/ssh_util.py b/cloudinit/ssh_util.py index c74a7ae2..0d595b02 100644 --- a/cloudinit/ssh_util.py +++ b/cloudinit/ssh_util.py @@ -30,16 +30,25 @@ LOG = logging.getLogger(__name__) # See: man sshd_config DEF_SSHD_CFG = "/etc/ssh/sshd_config" -# taken from openssh source key.c/key_type_from_name +# taken from openssh source openssh-7.3p1/sshkey.c: +# static const struct keytype keytypes[] = { ... } VALID_KEY_TYPES = ( - "rsa", "dsa", "ssh-rsa", "ssh-dss", "ecdsa", - "ssh-rsa-cert-v00@openssh.com", "ssh-dss-cert-v00@openssh.com", - "ssh-rsa-cert-v00@openssh.com", "ssh-dss-cert-v00@openssh.com", - "ssh-rsa-cert-v01@openssh.com", "ssh-dss-cert-v01@openssh.com", + "dsa", + "ecdsa", "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ecdsa-sha2-nistp384-cert-v01@openssh.com", - "ecdsa-sha2-nistp521-cert-v01@openssh.com") - + "ecdsa-sha2-nistp521-cert-v01@openssh.com", + "ed25519", + "rsa", + "rsa-sha2-256", + "rsa-sha2-512", + "ssh-dss", + "ssh-dss-cert-v01@openssh.com", + "ssh-ed25519", + "ssh-ed25519-cert-v01@openssh.com", + "ssh-rsa", + "ssh-rsa-cert-v01@openssh.com", +) class AuthKeyLine(object): def __init__(self, source, keytype=None, base64=None, |