revert Pull #2087 until issue #2385 is fixed#2388
revert Pull #2087 until issue #2385 is fixed#2388fortinj66 wants to merge 1 commit intoopenshift:masterfrom fortinj66:revert-disabling-authorized_keys.d_try2
Conversation
the authorized_keys file is not being created on cluster install and with authorized_keys.d disabled ssh into the cluster nodes is not possible without manual intervention. Once that issue is fixed authorized_keys.d can be disabled.
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: fortinj66 The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Hi @fortinj66. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
needs-ok-to-test
|
Next time please just push to your existing branch/PR instead of opening a new one. =) /assign @vrutkovs |
|
@kikisdeliveryservice |
After I rebase I do a |
|
this will be fixed with #2393 |
|
This (re-)creates a security vulnerability in OKD. Any SSH keys injected during node provisioning will not be managed by the MCO and will remain for the lifetime of the node, even if they are removed from the MachineConfig. |
5 participants
revert #2087
until #2385 is fixed
The authorized_keys file is not being created on cluster install and with authorized_keys.d disabled ssh into the
cluster nodes is not possible without manual intervention. Once that issue is fixed authorized_keys.d can be disabled.
The entry has to be commented out so that the original value does not get overwritten.