summaryrefslogtreecommitdiff
path: root/cloudinit/transforms/keys_to_console.py
diff options
context:
space:
mode:
Diffstat (limited to 'cloudinit/transforms/keys_to_console.py')
-rw-r--r--cloudinit/transforms/keys_to_console.py51
1 files changed, 51 insertions, 0 deletions
diff --git a/cloudinit/transforms/keys_to_console.py b/cloudinit/transforms/keys_to_console.py
new file mode 100644
index 00000000..e974375f
--- /dev/null
+++ b/cloudinit/transforms/keys_to_console.py
@@ -0,0 +1,51 @@
+# vi: ts=4 expandtab
+#
+# Copyright (C) 2011 Canonical Ltd.
+# Copyright (C) 2012 Hewlett-Packard Development Company, L.P.
+#
+# Author: Scott Moser <scott.moser@canonical.com>
+# Author: Juerg Haefliger <juerg.haefliger@hp.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 3, as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import os
+
+from cloudinit.settings import PER_INSTANCE
+from cloudinit import util
+
+frequency = PER_INSTANCE
+
+# This is a tool that cloud init provides
+helper_tool = '/usr/lib/cloud-init/write-ssh-key-fingerprints'
+
+
+def handle(name, cfg, _cloud, log, _args):
+ if not os.path.exists(helper_tool):
+ log.warn(("Unable to activate transform %s,"
+ " helper tool not found at %s"), name, helper_tool)
+ return
+
+ fp_blacklist = util.get_cfg_option_list(cfg,
+ "ssh_fp_console_blacklist", [])
+ key_blacklist = util.get_cfg_option_list(cfg,
+ "ssh_key_console_blacklist", ["ssh-dss"])
+
+ try:
+ cmd = [helper_tool]
+ cmd.append(','.join(fp_blacklist))
+ cmd.append(','.join(key_blacklist))
+ (stdout, _stderr) = util.subp(cmd)
+ util.write_file('/dev/console', stdout)
+ except:
+ log.warn("Writing keys to /dev/console failed!")
+ raise