author | Scott Moser <smoser@ubuntu.com> | 2011-10-30 18:00:41 -0400 |
---|---|---|
committer | Scott Moser <smoser@ubuntu.com> | 2011-10-30 18:00:41 -0400 |
commit | a2aa4805f018a9d8ff8baff7c2f6cb91e532c4d2 (patch) | |
tree | 77361995284c5ac8827b4b789ba659e2ea591ba0 /cloudinit/CloudConfig | |
parent | ea569edffc529ae2d88a25757c22b9034d2788de (diff) | |
download | vyos-cloud-init-a2aa4805f018a9d8ff8baff7c2f6cb91e532c4d2.tar.gz vyos-cloud-init-a2aa4805f018a9d8ff8baff7c2f6cb91e532c4d2.zip |
Make the types of SSH keys to generate configurable
Notes:
* This also makes cc_ssh.py *not* write ssh keys to the console.
That means that if keys-to-console is configured off, nothing will
write the keys to the console.
* I removed Garrett's use of xargs, replacing it with a shell for loop
in write-ssh-key-fingerprints.
taken from
git://pkgs.fedoraproject.org/cloud-init.git
commit 87f33190f43d2b26cced4597e7298835024466c2
Author: Garrett Holmstrom <gholms@fedoraproject.org>
Patch8: cloud-init-0.6.2-sshkeytypes.patch
Diffstat (limited to 'cloudinit/CloudConfig')
-rw-r--r-- | cloudinit/CloudConfig/cc_ssh.py | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/cloudinit/CloudConfig/cc_ssh.py b/cloudinit/CloudConfig/cc_ssh.py
index 727fd398..296b18f2 100644
--- a/cloudinit/CloudConfig/cc_ssh.py
+++ b/cloudinit/CloudConfig/cc_ssh.py
@@ -31,7 +31,7 @@ def handle(name,cfg,cloud,log,args):
 global_log = log
 # remove the static keys from the pristine image
- for f in glob.glob("/etc/ssh/ssh_host_*_key*"):
+ for f in glob.glob("/etc/ssh/ssh_host_*key*"):
 try: os.unlink(f)
 except: pass
@@ -61,10 +61,10 @@ def handle(name,cfg,cloud,log,args):
 log.debug("generated %s from %s" % pair)
 else:
 # if not, generate them
- genkeys ='ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ""; '
- genkeys+='ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N ""; '
- genkeys+='ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -t ecdsa -N ""; '
- subprocess.call(('sh', '-c', "{ %s } </dev/null" % (genkeys)))
+ for keytype in util.get_cfg_option_list_or_str(cfg, 'ssh_genkeytypes',
+ ['rsa', 'dsa', 'ecdsa']):
+ subprocess.call(['ssh-keygen', '-t', keytype, '-N', '',
+ '-f', '/etc/ssh/ssh_host_%s_key' % keytype])
 util.restorecon_if_possible('/etc/ssh', recursive=True)
@@ -84,11 +84,6 @@ def handle(name,cfg,cloud,log,args):
 util.logexc(log)
 log.warn("applying credentials failed!\n")
- send_ssh_keys_to_console()
-
-def send_ssh_keys_to_console():
- subprocess.call(('/usr/lib/cloud-init/write-ssh-key-fingerprints',))
-
 def apply_credentials(keys, user, disable_root, disable_root_opts=DISABLE_ROOT_OPTS, log=global_log):
 keys = set(keys)
 if user: |
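Review bot: A failed unlink in the first hunk (`@@ -31,7 +31,7 @@`) is still swallowed by `except: pass`, while the widened pattern `ssh_host_*key*` makes this loop responsible for removing every host key baked into the image, presumably now including the untyped `ssh_host_key`. If a delete fails, the instance keeps a host key shared with every other instance booted from the same image, and nothing is logged. Consider `except OSError: util.logexc(log)` so a surviving static key shows up in the log. A short comment on the glob line, such as `# no underscore before "key" so the untyped ssh_host_key is matched too`, would record why the pattern changed. handle() starts and continues outside this hunk.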
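Review bot: The new `subprocess.call` in the second hunk (`@@ -61,10 +61,10 @@`) drops the `</dev/null` redirect that the old shell command had, and it still ignores the exit status. If a stale key file survived the earlier unlink, ssh-keygen would ask whether to overwrite it and read the answer from whatever stdin the process inherited, and a type the installed OpenSSH rejects silently leaves the host without that key. I would pass `stdin=open('/dev/null')` to the call, keep its result in `rc`, and add `if rc != 0: log.warn("ssh-keygen -t %s failed" % keytype)`. `keytype` comes from the `ssh_genkeytypes` config value and is formatted into the `-f` path, so rejecting anything outside a known set of type names before building the path would keep a malformed entry from naming a file outside `/etc/ssh`. The if/else this loop sits in begins outside the hunk.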