Skip to content

DLPX-61319 Cloud-init fails to add authorized user ssh key #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
pzakha merged 1 commit into from
Dec 4, 2018
Merged

DLPX-61319 Cloud-init fails to add authorized user ssh key #2

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 20 additions & 2 deletions cloudinit/ssh_util.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
# Copyright (C) 2012 Canonical Ltd.
# Copyright (C) 2012 Hewlett-Packard Development Company, L.P.
# Copyright (c) 2018 by Delphix. All rights reserved.
#
# Author: Scott Moser <scott.moser@canonical.com>
# Author: Juerg Hafliger <juerg.haefliger@hp.com>
Expand All @@ -8,6 +9,7 @@

import os
import pwd
import shlex

from cloudinit import log as logging
from cloudinit import util
Expand Down Expand Up @@ -221,16 +223,32 @@ def extract_authorized_keys(username):
# The following tokens are defined: %% is replaced by a literal
# '%', %h is replaced by the home directory of the user being
# authenticated and %u is replaced by the username of that user.
# Note that there may be multiple files defined, separated by
# white space. If multiple files are detected, return the first
# one.
ssh_cfg = parse_ssh_config_map(DEF_SSHD_CFG)
auth_key_fn = ssh_cfg.get("authorizedkeysfile", '').strip()
value = ssh_cfg.get("authorizedkeysfile", '').strip()
if value:
files = shlex.split(value)
if len(files) == 1:
auth_key_fn = files[0]
elif len(files) > 1:
auth_key_fn = files[0]
LOG.debug("Entry 'AuthorizedKeysFile' in ssh config "
"defines multiple files. Using the first one: "
"%r.", auth_key_fn)
else:
LOG.debug("Entry 'AuthorizedKeysFile' in ssh config "
"has empty value. Using default file.")
if not auth_key_fn:
auth_key_fn = "%h/.ssh/authorized_keys"

auth_key_fn = auth_key_fn.replace("%h", pw_ent.pw_dir)
auth_key_fn = auth_key_fn.replace("%u", username)
auth_key_fn = auth_key_fn.replace("%%", '%')
if not auth_key_fn.startswith('/'):
auth_key_fn = os.path.join(pw_ent.pw_dir, auth_key_fn)
except (IOError, OSError):
except (IOError, OSError, ValueError):
# Give up and use a default key filename
auth_key_fn = os.path.join(ssh_dir, 'authorized_keys')
util.logexc(LOG, "Failed extracting 'AuthorizedKeysFile' in ssh "
Expand Down