Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)" #775

Merged: OddBloke merged 1 commit into canonical:master from OddBloke:fix_20.4.1 on Jan 19, 2021

@OddBloke
Collaborator

Proposed Commit Message

Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)"

This reverts commit b0e73814db4027dba0b7dc0282e295b7f653325c.

LP: #1911680

Additional Context

This is the same fix used in the 20.4.1 hotfix release, now being included upstream.

Test Steps

The following integration test can be used to validate this:

ABSOLUTE_AUTH_KEYS_PATH = "/etc/ssh/authorized_keys"
BACKDOOR_KEYS = "/etc/backdoor_keys"
USER_DATA_TMPL = """\
#cloud-config
bootcmd:
- sed -i "s,#AuthorizedKeysFile.*,AuthorizedKeysFile {0} {1}," /etc/ssh/sshd_config
runcmd:
- |
    cat << EOF > {1}
    {{}}
    EOF
""".format(ABSOLUTE_AUTH_KEYS_PATH, BACKDOOR_KEYS)


# This test checks that we do not write keys into an absolute
# AuthorizedKeysFile by default, because doing so presents a security issue.
#
# Because we're intentionally testing that we do not write authorized keys to
# the location configured for sshd, we cannot SSH into the system using keys in
# that path.  We use runcmd to populate a second configured path to grant us
# access; runcmd will install the key after all the SSH key determination has
# been completed, therefore not affecting it.


def test_test(session_cloud, setup_image):
    # We shouldn't write out absolute files until we've figured out how to do
    # it right
    user_data = USER_DATA_TMPL.format(
        session_cloud.cloud_instance.key_pair.public_key_content
    )
    with session_cloud.launch(user_data=user_data) as client:
        assert client.execute(
            "test -f {}".format(ABSOLUTE_AUTH_KEYS_PATH)
        ).failed

Checklist:

  • My code follows the process laid out in the documentation
  • I have updated or added any unit tests accordingly
  • I have updated or added any documentation accordingly

@OddBloke OddBloke merged commit cdc5b81 into canonical:master Jan 19, 2021
@OddBloke OddBloke deleted the fix_20.4.1 branch January 19, 2021 17:23
andrewbogott pushed a commit to andrewbogott/cloud-init that referenced this pull request Jan 21, 2021
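
An added example, not part of this pull request or of cloud-init's code: a defender-side audit of the condition the test comment describes, flagging `AuthorizedKeysFile` entries that are absolute and contain no per-user token, so the same file is consulted for every account. The helper names are hypothetical, the sample config is constructed to match what the test's `bootcmd` writes, and the parsing is simplified (global section only, no quoted arguments).

```python
import re

# Tokens sshd expands per account in AuthorizedKeysFile (sshd_config(5)).
PER_USER_TOKENS = ("%h", "%u", "%U")
# sshd's built-in value when the directive is absent.
DEFAULT_PATHS = [".ssh/authorized_keys", ".ssh/authorized_keys2"]

# Constructed sample: sshd_config as the bootcmd in the test above leaves it.
SAMPLE_CONFIG = """\
Port 22
AuthorizedKeysFile /etc/ssh/authorized_keys /etc/backdoor_keys
"""


def authorized_keys_paths(config_text):
    """Return the global AuthorizedKeysFile values (hypothetical helper).

    Simplified: stops at the first Match block, ignores quoting.
    """
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        if keyword == "match":
            break
        if keyword == "authorizedkeysfile":
            # sshd keeps the first value it reads for a keyword.
            return parts[1].split() if len(parts) > 1 else []
    return list(DEFAULT_PATHS)


def classify(path):
    """Label one path as 'disabled', 'per-user' or 'shared'."""
    if path.lower() == "none":
        return "disabled"
    without_literal_percent = path.replace("%%", "")
    expands = any(tok in without_literal_percent for tok in PER_USER_TOKENS)
    # Relative paths are resolved against the user's home directory.
    if not path.startswith("/") or expands:
        return "per-user"
    return "shared"


def shared_paths(config_text):
    """Paths that every account's login would consult."""
    return [p for p in authorized_keys_paths(config_text)
            if classify(p) == "shared"]
```

A non-empty result from `shared_paths` marks a host where provisioning tooling should not write an individual user's key into the configured path.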