From 5d3e4e79746772d80a6289f352e3606382f73eaa Mon Sep 17 00:00:00 2001 From: zsdc Date: Mon, 22 May 2023 18:05:07 +0300 Subject: SSH: T5235: Made SSH comment parser stricter To avoid problems with SSH public key comments with special characters the parser now generates UUID names for keys if a comment contains anything except `[a-zA-Z0-9_]`. --- cloudinit/config/cc_vyos.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cloudinit/config/cc_vyos.py b/cloudinit/config/cc_vyos.py index a54c9980..49d8952c 100644 --- a/cloudinit/config/cc_vyos.py +++ b/cloudinit/config/cc_vyos.py @@ -84,7 +84,8 @@ def set_ssh_login(config, user, key_string): logger.error("Key base64 not defined, wrong ssh key format.") return False - if not key_parsed.comment: + if not key_parsed.comment or not re.fullmatch(r'^[\w]+$', key_parsed.comment, re.ASCII): + logger.info("Generating UUID for an SSH key because a comment is empty or unacceptable by CLI") key_parsed.comment = "cloud-init-{}".format(uuid4()) config.set(['system', 'login', 'user', user, 'authentication', 'public-keys', key_parsed.comment, 'key'], value=key_parsed.base64, replace=True) -- cgit v1.2.3