help needed
Garrett Holmstrom
gholms at fedoraproject.org
Sat Mar 31 20:40:29 UTC 2012
On Mar 31, 2012 6:44 AM, "Andy Grimm" <agrimm at gmail.com> wrote:
>
> SOLVED!
>
> From /usr/share/doc/cloud-init-0.6.3/ChangeLog :
>
> "read /etc/ssh/sshd_config for AuthorizedKeysFile rather than assuming
> ~/.ssh/authorized_keys (LP: #731849)"
>
> The problem is that this change in cloud-init does not properly handle
> relative paths, which are documented in the sshd_config manpage as
> being relative to the user's home directory. So the quick fix was to
> change /etc/ssh/sshd_config from:
>
> AuthorizedKeysFile .ssh/authorized_keys
>
> to:
>
> AuthorizedKeysFile %h/.ssh/authorized_keys
>
> The more correct fix is in cloud-init, probably something like:
>
> --- a/cloudinit/SshUtil.py 2012-03-31 09:28:42.598996936 -0400
> +++ b/cloudinit/SshUtil.py 2012-03-31 09:40:47.758829938 -0400
> @@ -155,6 +155,8 @@
> akeys = ssh_cfg.get("AuthorizedKeysFile",
"%h/.ssh/authorized_keys")
> akeys = akeys.replace("%h", pwent.pw_dir)
> akeys = akeys.replace("%u", user)
> + if not akeys.startswith('/'):
> + akeys = os.path.join(pwent.pw_dir, akeys)
> authorized_keys = akeys
> except Exception:
> authorized_keys = '%s/.ssh/authorized_keys' % pwent.pw_dir
>
>
> How do you want to handle this? Should I go ahead and file both RHBZ
> and LP issues for it?
If you're willing to, please do so. Otherwise I can forward a RHBZ bug to
Launchpad.
Thanks for figuring this out!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/cloud/attachments/20120331/3e496344/attachment.html>
More information about the cloud
mailing list