author | Silvio Rhatto <rhatto@riseup.net> | 2018-06-13 18:26:28 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2018-06-13 18:26:28 -0300 |
commit | bc5a65b517273a3bc59ecd27fed5fce29fa7a6cb (patch) | |
tree | 947ef5635ad7e34daaee780dba8c4aa777a04a47 | |
parent | 72827921d99f35686602ef8eb6ee56eaa6824b23 (diff) | |
Adds ssh_custom_pubkey config
-rwxr-xr-x | kvmx | 12 | ||||
-rwxr-xr-x | kvmx-create | 21 | ||||
-rw-r--r-- | kvmxfile | 7 |
3 files changed, 32 insertions, 8 deletions
@@ -181,11 +181,13 @@ function __kvmx_initialize {
 MONITORFILE="$STATE_DIR/monitor"
 CONSOLEFILE="$STATE_DIR/console"
- if [ -e "$DATADIR/ssh/$VM.key" ]; then
- mkdir -p "$DATADIR/ssh"
- SSHKEY="$DATADIR/ssh/$VM.key"
- else
- SSHKEY="$APP_BASE/share/ssh/insecure_private_key"
+ if [ -z "$ssh_custom_pubkey" ]; then
+ if [ -e "$DATADIR/ssh/$VM.key" ]; then
+ mkdir -p "$DATADIR/ssh"
+ SSHKEY="$DATADIR/ssh/$VM.key"
+ else
+ SSHKEY="$APP_BASE/share/ssh/insecure_private_key"
+ fi
 fi
 if [ ! -z "$user" ]; then
diff --git a/kvmx-create b/kvmx-create
index 56b08b6..a00f78c 100755
--- a/kvmx-create
+++ b/kvmx-create
@@ -451,9 +451,19 @@ EOF
 if [ "$ssh_support" == "y" ]; then
 if [ "$ssh_custom" == "y" ]; then
- privkey="$sshdir/ssh/$hostname.key"
- pubkey="${privkey}.pub"
- __kvmx_ssh_keygen $privkey "$user@$hostname"
+ if [ ! -z "$ssh_custom_pubkey" ]; then
+ pubkey="$sshdir/ssh/$hostname.key.pub"
+
+ if [ -e "$ssh_custom_pubkey" ]; then
+ cp $ssh_custom_pubkey $pubkey
+ else
+ echo $ssh_custom_pubkey > $pubkey
+ fi
+ else
+ privkey="$sshdir/ssh/$hostname.key"
+ pubkey="${privkey}.pub"
+ __kvmx_ssh_keygen $privkey "$user@$hostname"
+ fi
 else
 pubkey="$DIRNAME/share/ssh/insecure_private_key.pub"
 fi
@@ -463,6 +473,11 @@ EOF
 kvmx_sudo_run cp $pubkey $WORK/home/$user/.ssh/authorized_keys
 kvmx_sudo_run chroot $WORK/ chmod 600 /home/$user/.ssh/authorized_keys
 kvmx_sudo_run touch $WORK/home/$user/.hushlogin
+
+ # Cleanup temporary file if needed
+ if [ ! -z "$ssh_custom_pubkey" ]; then
+ rm $pubkey
+ fi
 fi
 kvmx_sudo_run chroot $WORK/ chown -R $user.$user /home/$user
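Review bot: With `ssh_custom_pubkey` set, the new outer `if` in `__kvmx_initialize` leaves `SSHKEY` unassigned, and nothing in the hunk records what later code should do with an empty value; if a later call passes `-i "$SSHKEY"` (not visible here), ssh would be given an empty identity path. The guard also tests only `ssh_custom_pubkey`, while kvmx-create honours that setting only under `ssh_custom="y"`, so a guest that was built with the shipped key would no longer get `SSHKEY` pointed at it. I would add a comment such as `# custom pubkey: the private key stays with the user (agent or ~/.ssh), so SSHKEY is left unset` and, assuming `ssh_custom` is in scope here, make the test `[ -z "$ssh_custom_pubkey" ] || [ "$ssh_custom" != "y" ]`. `__kvmx_initialize` starts and ends outside the hunk.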
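Review bot: The two added copy lines in kvmx-create use the configured value unquoted, `cp $ssh_custom_pubkey $pubkey` and `echo $ssh_custom_pubkey > $pubkey`, so a key path containing spaces or a key string containing glob characters is split or expanded before it reaches the file that becomes the guest's `authorized_keys`. I would write `cp -- "$ssh_custom_pubkey" "$pubkey"` and `printf '%s\n' "$ssh_custom_pubkey" > "$pubkey"`. Nothing checks that the value is a public key at all, so a mistyped path is silently written as key text; running `ssh-keygen -l -f "$pubkey"` and aborting on failure before the copy into the guest would at least reject content that is not a key. The enclosing `if [ "$ssh_support" == "y" ]` block starts and ends outside the hunk.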
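Review bot: The added cleanup runs `rm $pubkey` whenever `ssh_custom_pubkey` is non-empty, but in the `else` branch of the previous hunk (`ssh_custom` not `y`) `pubkey` is `$DIRNAME/share/ssh/insecure_private_key.pub`, so a config that sets `ssh_custom_pubkey` with `ssh_custom` disabled deletes the shipped key file instead of a temporary one. The test should match the branch that created the temporary file and quote the path: `if [ "$ssh_custom" == "y" ] && [ -n "$ssh_custom_pubkey" ]; then` with `rm -f -- "$pubkey"`. The enclosing `if [ "$ssh_support" == "y" ]` block starts outside the hunk.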
@@ -163,6 +163,13 @@ ssh_support="y"
 # This setting is used during virtual machine bootstrapping by kvmx-create.
 ssh_custom="y"
+# Use this config if you want kvmx-create to include a specif SSH pubkey
+# It might be a path for an existing pubkey file or the public key itself.
+#
+# Make sure to have this key available when trying to SSH into the guest using kvmx
+#ssh_custom_pubkey="/home/myhostuser/.ssh/id_rsa.pub"
+#ssh_custom_pubkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVFmJ2UDn2dK3nHHAkHzt8F4AfrXTFiGa+guem92S/pztMGAUDjEZBYEW3mZ8ATyo4GoPZ92tkjmra0Fgv6ETIox+SPWbzzjhzbv2CQUTWvF6PEVwJbT1PTzaIVRiDYf+yX7e3Y8HcmkAi60Cxs5Xr3HLkqdi2jYKFofCm58R+HGnRv1WSurPnf7C7KQBSW7E1S2CafW9VFHhGCzezyThjN+n3bJjgYFzPxdTlWyfW1T7Yv61/fqfuara0kpZx1l5pblpgbCTT7WKRIhwj1x0QTo/qDQ6k52tffiCVyMGJKvires9yp5qT5Y+ldssBKDa8muRF/dh7/UCyxvcm3HTDjWG24Sr4r9JWbhkqF89UePlOw5j73qw4gzT7YQ38tzz2XI5weAL1OXM6qhCbOwfPXwYbB5xM4g62WZugtcCLan6Iy8hvoiRIJ1MU2ar73wunghQQ84oNIrEVezJsuZxwxVbe45ulnM7x4Hqeu6jmOutWFkdkAHsqd1E3zTOS1RURwi0TpnD+iWwD7FOA9c8B6AWP4i9XVW6BLi1waARrS3bVnOh3djc20fVsClfEDDXFg2KiTeQaAWfjLguyUmxysSiUC2pnibd1bEDtdfPlkA2jaE2nAn6Tw7Vp5zd8P1d1trLMx3YkRq5uQSPqnfQDKoYH5FPMlNTbMINLC56ijw== user@kvmx"
+
 # Bootloader (used only during bootstrapping by kvmx-create).
 bootloader="grub" |