| Age | Commit message (Collapse) | Author |
|---|
|
instead of using '--stderr' on non-rhel based on the presense of
/etc/redhat-release, just use the short form '-s' everywhere.
|
|
It seems like at least RHEL does not have the "--stderr" option
but instead only supports the short version "-s" so add a check
that will switch from the long version to the short version when
RHEL is detected.
LP: #1083715
|
|
In the previous commit to htis file I had wrapped the writing of
'BEGIN SSH HOST KEY KEYS' to go through logger.
This would cause the keys to be prefixed with 'ec2:' which, previously they
were not. That would break existing users *and* make it more difficult to
consume that data, which was explicitly added to be easy to consume.
|
|
This changes all output write-ssh-key-fingerprints to go to its
stdout by redirecting stderr to stdout.
The reason for this is that cc_keys_to_console.py was swallowing stderr
and not replaying it to /dev/console.
Ideally, we'd have a way in 'util.subp' to do effectively the same thing
as we're doing here in the shell script.
LP: #1055688
|
|
Currently cloud-init writes something like this to console output:
ec2: #############################################################
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 2048 78:ae:f3:91:04:6f:8d:ee:ef:e1:2d:72:83:6a:d0:82 root@h (RSA)
ec2: 1024 d3:b6:32:64:22:d4:43:05:f9:25:b4:f3:65:4e:e2:51 root@h (DSA)
ec2: -----END SSH HOST KEY FINGERPRINTS-----
ec2: #############################################################
the key fingerprints are useful for humans to read, but not so useful
for machines, as you cannot populate a KnownHostsFile (~/.ssh/known_hosts)
from the data there.
This change adds output like:
-----BEGIN SSH HOST KEY KEYS-----
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdH......STI= root@h
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYRIQe6m......tWF3 root@h
-----END SSH HOST KEY KEYS-----
Those lines can easily be grabbed and appended to a known_hosts file.
|
|
Notes:
* This also makes cc_ssh.py *not* write ssh keys to the console.
That means that if keys-to-console is configured off, nothing will
write the keys to the console.
* I removed Garret's use of xargs, replacing with a shell for loop
in write-ssh-key-fingerprints.
taken from
git://pkgs.fedoraproject.org/cloud-init.git
commit 87f33190f43d2b26cced4597e7298835024466c2
Author: Garrett Holmstrom <gholms@fedoraproject.org>
Patch8: cloud-init-0.6.2-sshkeytypes.patch
|
|
This will allow this code to be called more easily elsewhere.
I'm considering having the "all the way up" message contain fingerprints
so that they're more or less guaranteed to get to the console where
the user could see them.
|
