
Fix 70-install-ssh in debian, print RSA fingerprint

This will fix 70-install-ssh, allowing it to complete postinst by
generating host SSH keys for it. The resulting RSA host key
fingerprint is printed in an Installation summary at the end
of install. Next step is to apply the same change to the remaining
70-install-ssh's.
Dmitry Nedospasov
2010-06-02 23:51:36 +02:00
parent 9c6f708a0d
commit 8cf4c83936
3 changed files with 62 additions and 23 deletions

9
TODO

@@ -15,15 +15,6 @@ Minor bugs to fix and features to add before a 4.2 release
Shouldn't give up after only one password missmatch. This is just
a mater of wrapping the passwd call in a loop.
* Fix 70-install-ssh
Currently 70-install-ssh fails to finish installing the ssh-server
because it does not have a random seed to generate the host keys.
Mounting /proc and /dev in chroot prior to calling the install
function should fix this. If ssh-server is successfully installed
in the domU, it's key fingerprint should be echo'd in a way that
can easily be grep'ed into other scripts.
* Test and support more file system types.
Actually this should be pretty simple now that the parameters are


@@ -3933,12 +3933,22 @@ sub unMountImage
sub END
{
my $host_rsa_key = '';
#
# Unmount the image if it is still mounted.
#
if ( defined($MOUNT_POINT) )
{
#
# Before we unmount get the host's RSA key
#
my $key_path .= $MOUNT_POINT;
$key_path .= '/etc/ssh/ssh_host_rsa_key.pub';
if ( `ssh-keygen -lf $key_path` =~ /^(\S+)\s+(\S+)/ ) {
$host_rsa_key = $2;
} else {
$host_rsa_key = "N/A";
}
unMountImage($MOUNT_POINT);
}
@@ -3961,6 +3971,8 @@ sub END
# Did we fail? If so then we should remove the broken installation,
# unless "--keep" was specified.
#
# If we didn't fail, then we assume we succeeded, print a summary
#
if ( ($FAIL == 1) && ( !$CONFIG{ 'keep' } ) )
{
@@ -3971,5 +3983,22 @@ sub END
logprint("Removing failed install: $CONFIG{'hostname'}\n");
system("xen-delete-image --hostname=$CONFIG{'hostname'}");
} else {
#
# Assume success
#
logprint("\nInstallation Summary\n");
logprint("---------------------\n");
logprint("Hostname : $CONFIG{'hostname'}\n");
logprint("Distribution : $CONFIG{'dist'}\n");
logprint("IP-Address : ");
if ( $CONFIG{ 'dhcp' } ) {
logprint("dynamic");
} elsif( $CONFIG{ 'ip' } ) {
logprint( $CONFIG{ 'ip' } );
}
logprint("\n");
logprint("RSA Fingerprint : $host_rsa_key");
logprint("\n\n");
}
}
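Review bot: The backtick call `ssh-keygen -lf $key_path` in the new block under `if ( defined($MOUNT_POINT) )` hands the mount-point path to a shell unquoted, so a path containing whitespace or shell metacharacters changes the command that runs; a list-form pipe open such as `open my $kg, '-|', 'ssh-keygen', '-lf', $key_path` avoids the shell entirely. The declaration `my $key_path .= $MOUNT_POINT;` appends to a variable that does not exist yet, and `my $key_path = $MOUNT_POINT . '/etc/ssh/ssh_host_rsa_key.pub';` states what is meant. The `else` branch commented "Assume success" also appears to be reached when `$FAIL == 1` and `--keep` is set, so a failed install kept for inspection would still print a summary and a fingerprint an operator might trust. `sub END` is spread over three hunks with lines missing in between, so the branch structure should be confirmed against the full sub.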


@@ -1,18 +1,17 @@
#!/bin/sh
#
# This script installs OpenSSH upon the new system.
# This script installs OpenSSH Server on the newly created guest.
#
# It does this by generating the keys within the host, since guests
# do not have the necessary /dev/random and /dev/urandom to generate
# their own keys before boot.
#
# It must make sure that the server is not running before it exits
# otherwise the temporary mounted directory will not be unmountable.
#
# Steve
# Dmitry Nedospasov
# --
# http://www.steve.org.uk/
# http://nedos.net/
prefix=$1
#
# Source our common functions
#
@@ -22,20 +21,40 @@ else
. ./hooks/common.sh
fi
#
# Log our start
#
logMessage Script $0 starting
#
# Since our guests doesn't have an RNG, generate the keys from the host
#
# First, create an ssh directory
#
mkdir -p ${prefix}/etc/ssh
#
# Second, Generate the Host RSA Key
#
if ssh-keygen -t rsa -N '' -f ${prefix}/etc/ssh/ssh_host_rsa_key -C "root@${hostname}"; then
logMessage "successfully generetaged Host RSA"
else
logMessage "failed to generate Host RSA Key"
fi
#
# Third, Generate the Host DSA Key
#
if ssh-keygen -t dsa -N '' -f ${prefix}/etc/ssh/ssh_host_dsa_key -C "root@${hostname}"; then
logMessage "successfully generetaged Host DSA"
else
logMessage "failed to generate Host DSA Key"
fi
#
# Install ssh
#
installDebianPackage ${prefix} openssh-server
#
# Log our finish
#
logMessage Script $0 finished
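Review bot: Both `ssh-keygen` branches only log on failure and the script then continues to `installDebianPackage`, so a guest can be built without the host keys this hook exists to provide while the run still looks clean; consider stopping in the `else` branches (for example `exit 1`, if the hook runner honours exit status, which is not visible here). The `${prefix}` expansions in `mkdir -p` and in both `-f` arguments are unquoted, so a prefix containing whitespace splits into several words; `-f "${prefix}/etc/ssh/ssh_host_rsa_key"` is the safer form. `${hostname}` is not assigned anywhere in the visible lines, so the key comment becomes `root@` unless the caller exports it. DSA host keys are fixed at 1024 bits and later OpenSSH releases disable them by default, so the third step is worth revisiting before the change is copied to the remaining hooks.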