From c7123a7f3bc08a2d45ce6b2d66107a669284e3f1 Mon Sep 17 00:00:00 2001
From: Scott Moser <smoser@ubuntu.com>
Date: Mon, 29 Aug 2011 20:26:17 -0400
Subject: improve updating of .ssh/authorized_keys

These changes update the .ssh/authorized_keys rather than simply appending
This is preferable as ssh daemon picks the first key that is present.

This fixes 2 issues where something had edited a .ssh/authorized_keys
prior to cloud-init getting at it.
 a.) LP: #434076 a user prior to re-bundling
 b.) LP: #833499 the hypervisor

If you want to enable ssh access for root user, the proper way to do it is
with 'disable_root: False' in cloud-config.

LP: #434076, #833499
---
 ChangeLog | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 71762a9e..175e9b15 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -44,6 +44,9 @@
    This was done by changing all users of util.subp to have None input unless specified
  - Add some debug info to the console when cloud-init runs.
    This is useful if debugging, IP and route information is printed to the console.
+ - change the mechanism for handling .ssh/authorized_keys, to update entries
+   rather than appending.  This ensures that the authorized_keys that are being
+   inserted actually do something (LP: #434076, LP: #833499)
 
 0.6.1:
  - fix bug in fixing permission on /var/log/cloud-init.log (LP: #704509)
-- 
cgit v1.2.3