diff options
author | Emanuele Giuseppe Esposito <eesposit@redhat.com> | 2021-08-09 16:49:56 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-09 09:49:56 -0500 |
commit | 00dbaf1e9ab0e59d81662f0f3561897bef499a3f (patch) | |
tree | 6ff454c6b3acfad391f1c0c5424e6b592586f52c /tests/unittests/test_distros/test_photon.py | |
parent | 13b6a8575f813699d406f5cab3424c2beffba26f (diff) | |
download | vyos-cloud-init-00dbaf1e9ab0e59d81662f0f3561897bef499a3f.tar.gz vyos-cloud-init-00dbaf1e9ab0e59d81662f0f3561897bef499a3f.zip |
Stop copying ssh system keys and check folder permissions (#956)
In /etc/ssh/sshd_config, it is possible to define a custom
authorized_keys file that will contain the keys allowed to access the
machine via the AuthorizedKeysFile option. Cloudinit is able to add
user-specific keys to the existing ones, but we need to be careful on
which of the authorized_keys files listed to pick.
Chosing a file that is shared by all user will cause security
issues, because the owner of that key can then access also other users.
We therefore pick an authorized_keys file only if it satisfies the
following conditions:
1. it is not a "global" file, ie it must be defined in
AuthorizedKeysFile with %u, %h or be in /home/<user>. This avoids
security issues.
2. it must comply with ssh permission requirements, otherwise the ssh
agent won't use that file.
If it doesn't meet either of those conditions, write to
~/.ssh/authorized_keys
We also need to consider the case when the chosen authorized_keys file
does not exist. In this case, the existing behavior of cloud-init is
to create the new file. We therefore need to be sure that the file
complies with ssh permissions too, by setting:
- the actual file to permission 600, and owned by the user
- the directories in the path that do not exist must be root owned and
with permission 755.
Diffstat (limited to 'tests/unittests/test_distros/test_photon.py')
0 files changed, 0 insertions, 0 deletions