From bc5a65b517273a3bc59ecd27fed5fce29fa7a6cb Mon Sep 17 00:00:00 2001
From: Silvio Rhatto
Date: Wed, 13 Jun 2018 18:26:28 -0300
Subject: Adds ssh_custom_pubkey config
---
 kvmx | 12 +++++++-----
 kvmx-create | 21 ++++++++++++++++++---
 kvmxfile | 7 +++++++
 3 files changed, 32 insertions(+), 8 deletions(-)
diff --git a/kvmx b/kvmx
index aaa3f95..b00c747 100755
--- a/kvmx
+++ b/kvmx
@@ -181,11 +181,13 @@ function __kvmx_initialize {
 MONITORFILE="$STATE_DIR/monitor"
 CONSOLEFILE="$STATE_DIR/console"
- if [ -e "$DATADIR/ssh/$VM.key" ]; then
- mkdir -p "$DATADIR/ssh"
- SSHKEY="$DATADIR/ssh/$VM.key"
- else
- SSHKEY="$APP_BASE/share/ssh/insecure_private_key"
+ if [ -z "$ssh_custom_pubkey" ]; then
+ if [ -e "$DATADIR/ssh/$VM.key" ]; then
+ mkdir -p "$DATADIR/ssh"
+ SSHKEY="$DATADIR/ssh/$VM.key"
+ else
+ SSHKEY="$APP_BASE/share/ssh/insecure_private_key"
+ fi
 fi
 if [ ! -z "$user" ]; then
diff --git a/kvmx-create b/kvmx-create
index 56b08b6..a00f78c 100755
--- a/kvmx-create
+++ b/kvmx-create
@@ -451,9 +451,19 @@ EOF
 if [ "$ssh_support" == "y" ]; then
 if [ "$ssh_custom" == "y" ]; then
- privkey="$sshdir/ssh/$hostname.key"
- pubkey="${privkey}.pub"
- __kvmx_ssh_keygen $privkey "$user@$hostname"
+ if [ ! -z "$ssh_custom_pubkey" ]; then
+ pubkey="$sshdir/ssh/$hostname.key.pub"
+
+ if [ -e "$ssh_custom_pubkey" ]; then
+ cp $ssh_custom_pubkey $pubkey
+ else
+ echo $ssh_custom_pubkey > $pubkey
+ fi
+ else
+ privkey="$sshdir/ssh/$hostname.key"
+ pubkey="${privkey}.pub"
+ __kvmx_ssh_keygen $privkey "$user@$hostname"
+ fi
 else
 pubkey="$DIRNAME/share/ssh/insecure_private_key.pub"
 fi
@@ -463,6 +473,11 @@ EOF
 kvmx_sudo_run cp $pubkey $WORK/home/$user/.ssh/authorized_keys
 kvmx_sudo_run chroot $WORK/ chmod 600 /home/$user/.ssh/authorized_keys
 kvmx_sudo_run touch $WORK/home/$user/.hushlogin
+
+ # Cleanup temporary file if needed
+ if [ ! -z "$ssh_custom_pubkey" ]; then
+ rm $pubkey
+ fi
 fi
 kvmx_sudo_run chroot $WORK/ chown -R $user.$user /home/$user
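Review bot: In `__kvmx_initialize` the new outer test looks only at `ssh_custom_pubkey`, while kvmx-create in this same commit honours that option only when `ssh_custom` is `y`. With `ssh_custom` not `y` and `ssh_custom_pubkey` set, the guest gets `insecure_private_key.pub` installed but `SSHKEY` is left unassigned here, so the matching private key is never selected. Testing both, e.g. `if [ "$ssh_custom" != "y" ] || [ -z "$ssh_custom_pubkey" ]; then`, would keep the two scripts in agreement, assuming `ssh_custom` is in scope at this point, which the hunk does not show. Every later use of `$SSHKEY` is outside the hunk and now has to cope with an empty value, so it is worth confirming none of them passes an empty identity path to ssh. A comment such as `# custom pubkey: the private key is the user's own, so no SSHKEY is set` would explain the empty branch.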
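Review bot: The value of `ssh_custom_pubkey` becomes the guest's `authorized_keys`, yet the new branch copies or echoes it unquoted and never checks that it is a public key. A mistyped path fails the `-e` test and is then written out as if it were key text, leaving the guest with no usable login, and `-e` also accepts a directory. The unquoted `cp $ssh_custom_pubkey $pubkey` and `echo $ssh_custom_pubkey > $pubkey` are open to word splitting and globbing. I would quote every expansion, use `-f` and `printf`, and reject content that `ssh-keygen -l -f` cannot parse, as sketched below; the abort itself should follow the script's existing failure path, which is outside the hunk. It is also worth confirming that `$sshdir/ssh` exists at this point, since the old branch may have relied on `__kvmx_ssh_keygen` (not visible here) to create it.

```shell
pubkey="$sshdir/ssh/$hostname.key.pub"

if [ -f "$ssh_custom_pubkey" ]; then
  cp -- "$ssh_custom_pubkey" "$pubkey"
else
  printf '%s\n' "$ssh_custom_pubkey" > "$pubkey"
fi

# Only install content that parses as an SSH public key
if ! ssh-keygen -l -f "$pubkey" > /dev/null 2>&1; then
  echo "ssh_custom_pubkey is neither a public key file nor a public key" >&2
  rm -f -- "$pubkey"
  # … abort here via the script's usual failure path …
fi
# … unchanged: else branch generating the key with __kvmx_ssh_keygen …
```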
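Review bot: The cleanup added after the `.hushlogin` line removes `$pubkey` whenever `ssh_custom_pubkey` is non-empty, but when `ssh_custom` is not `y` the previous hunk sets `pubkey` to `$DIRNAME/share/ssh/insecure_private_key.pub`. In that case this `rm` would delete the key file shipped with the application. The condition should mirror the one that created the temporary file, and the path should be quoted: `if [ "$ssh_custom" == "y" ] && [ -n "$ssh_custom_pubkey" ]; then rm -f -- "$pubkey"; fi`. The `kvmx_sudo_run cp $pubkey …` context line above is unquoted as well. The enclosing `if [ "$ssh_support" == "y" ]` block starts outside this hunk.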
diff --git a/kvmxfile b/kvmxfile
index fc296ba..30aa9f7 100644
--- a/kvmxfile
+++ b/kvmxfile
@@ -163,6 +163,13 @@ ssh_support="y"
 # This setting is used during virtual machine bootstrapping by kvmx-create.
 ssh_custom="y"
+# Use this config if you want kvmx-create to include a specif SSH pubkey
+# It might be a path for an existing pubkey file or the public key itself.
+#
+# Make sure to have this key available when trying to SSH into the guest using kvmx
+#ssh_custom_pubkey="/home/myhostuser/.ssh/id_rsa.pub"
+#ssh_custom_pubkey="ssh-rsa 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 user@kvmx"
+
 # Bootloader (used only during bootstrapping by kvmx-create).
 bootloader="grub"
-- cgit v1.2.3
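Review bot: The added comment block does not say that `ssh_custom_pubkey` only takes effect when `ssh_custom="y"`, which is how kvmx-create treats it in this commit. A line such as `# Only honoured when ssh_custom="y".` would save a confusing failure. As far as the kvmx hunk shows, kvmx assigns no `SSHKEY` when this option is set, so the comment could also state that the user's own SSH configuration or agent must offer the matching private key. `specif` in the first added line should read `specific`.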