search for: ssh_key

Dear puppet wizards, http://docs.puppetlabs.com/puppet/3/reference/lang_defined_types.html does not suggest to me that nested parametrized defines would be forbidden, hence I expected the following code to work: add_to_ssh_authorized_keys.pp: -------- define a::ssh_keys::add_to_ssh_authorized_keys($homebasedir="/home", $targetuser="root", $keyowner, $keyownername, $state="present" ) { $sshdir = "$homebasedir/$targetuser/.ssh" $authfile = "$sshdir/authorized_keys" ssh_authorized_key {"$keyowner@censhare.de...

Turn the snippet reading user information from /etc/passwd in a slightly more generic function, so there is no need to copy&paste for other details. Mostly code motion. --- customize/ssh_key.ml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml index a4e4a51..7c482e7 100644 --- a/customize/ssh_key.ml +++ b/customize/ssh_key.ml @@ -106,13 +106,15 @@ let do_ssh_inject_unix (g : Guestfs.guestfs) user selector = (* G...

...s at redhat.com>: https://www.redhat.com/archives/libguestfs/2014-November/msg00000.html --- builder/Makefile.am | 1 + builder/cmdline.ml | 4 +- builder/virt-builder.pod | 31 +++++++++++ customize/Makefile.am | 3 + customize/customize_run.ml | 8 +++ customize/ssh_key.ml | 133 +++++++++++++++++++++++++++++++++++++++++++++ customize/ssh_key.mli | 31 +++++++++++ generator/customize.ml | 38 ++++++++++++- po/POTFILES-ml | 1 + sysprep/Makefile.am | 1 + v2v/Makefile.am | 1 + 11 files changed, 248 insertions(+)...

Both ssh-copy-id and ssh create .ssh as 0700. ssh-copy-id creates .ssh/authorized_keys as 0600. Thanks: Ryan Sawhill for finding the bug. --- customize/ssh_key.ml | 4 ++-- src/guestfs.pod | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml index 09664bf..dd6056f 100644 --- a/customize/ssh_key.ml +++ b/customize/ssh_key.ml @@ -119,14 +119,14 @@ let do_ssh_inject_unix (g...

This adds a customize option: virt-customize --ssh-inject USER[=KEY] virt-builder --ssh-inject USER[=KEY] virt-sysprep --ssh-inject USER[=KEY] In each case this either injects the current (host) user's ssh pubkey into the guest user USER (adding it to ~USER/.ssh/authorized_keys in the guest), or you can specify a particular key. For example: virt-builder fedora-20 --ssh-inject root

When creating ~/.ssh and ~/.ssh/authorized_keys (in case they are missing), change their ownership to the target user. If not, they are owned by root. --- customize/ssh_key.ml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/customize/ssh_key.ml b/customize/ssh_key.ml index 7c482e7..d05816c 100644 --- a/customize/ssh_key.ml +++ b/customize/ssh_key.ml @@ -115,20 +115,24 @@ let do_ssh_inject_unix (g : Guestfs.guestfs) user selector =...

...edTo: unassigned-bugs at mindrot.org ReportedBy: jchadima at redhat.com the setgid programs are potentially less dangerous than setuid ones. the only setuid program in the openssh suite is ssh-keysign. It need to access private server keys. The solution is to create one dedicated group (ssh_keys). The keys then should be rw-r---- root:ssh_keys The ssh-keysign should be setgid ssh_keys And finally authfile.c should be patched to accept such keys. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watchin...

...t been able to successfully sync using this method. I have tried using both OpenSSH for Windows and Plink from Putty. Here is the verbose output from each. Please note the file has been scrubbed for any information related to my company :) rsync -azve "ssh -l ssh_user proxy.example.com -i ssh_key 873:200.200.200.200:7000" rsync_user@127.0.0.1::package . OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004 debug1: Connecting to proxy.example.com[IP] port 22. debug1: Connection established. debug1: identity file ssh_key type -1 debug1: Remote protocol version 2.0, remote soft...

Doing this allows us to remove the Customize_utils module completely, since it becomes empty. Rich.

Hello, I''m trying to reuse an ssh_authorized_key, but I''m having some problems. There was a recent thread about using the same key for different users, but I didn''t see any resolution there. My issue is a bit different. I''m currently using this key: class ssh_keys::all { class bob { ssh_authorized_key {"bob": name => "bob@somehost", ensure => present, key => "*snip*" user => "root", type => ssh-dss } } } I''m tr...

Hi all, I am trying to understand how does hiera puppet backend work, so I created the following example: hiera.yaml has only: --- :backends: - puppet --- And the node: node ''testnode'' { $variable = ''kk'' $thing = hiera ("variable") notify { "note: $thing": } } I don''t want to use the yaml backend for now, just want to

...4f 100644 --- a/builder/Makefile.am +++ b/builder/Makefile.am @@ -155,6 +155,7 @@ BOBJECTS = \ $(top_builddir)/customize/perl_edit.cmo \ $(top_builddir)/customize/crypt.cmo \ $(top_builddir)/customize/password.cmo \ + $(top_builddir)/customize/SELinux_relabel.cmo \ $(top_builddir)/customize/ssh_key.cmo \ $(top_builddir)/customize/subscription_manager.cmo \ $(top_builddir)/customize/customize_cmdline.cmo \ diff --git a/builder/virt-builder.pod b/builder/virt-builder.pod index 91c1114..29a67a9 100644 --- a/builder/virt-builder.pod +++ b/builder/virt-builder.pod @@ -1756,20 +1756,21 @@ two p...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I had a working 0.19.3 puppet install, but after an upgrade to 0.20 and then restarting puppetmasterd I get the following error: # /etc/init.d/puppetmaster start All resource specifications require names in file /etc/puppet/manifests/modules/ssh_keys.pp at line 24 * Failed to start puppetmaster So, looking at the file in question shows the following code (in condensed form): 1 class ssh_keys { 2 # Commemnts : ... [snip] 19 20 sshkey { name => "portman-linux.goshen.edu", 21 alias => [ "portman-linux", &q...

...ption_manager.mli diff --git a/builder/Makefile.am b/builder/Makefile.am index d69e25f..2413217 100644 --- a/builder/Makefile.am +++ b/builder/Makefile.am @@ -125,6 +125,7 @@ BOBJECTS = \ $(top_builddir)/customize/crypt.cmo \ $(top_builddir)/customize/password.cmo \ $(top_builddir)/customize/ssh_key.cmo \ + $(top_builddir)/customize/subscription_manager.cmo \ $(top_builddir)/customize/customize_cmdline.cmo \ $(top_builddir)/customize/customize_run.cmo \ $(SOURCES_ML:.ml=.cmo) diff --git a/builder/virt-builder.pod b/builder/virt-builder.pod index 41cda1a..b4a341f 100644 --- a/builder/virt...

Str is a pretty ugly regexp module. Let's try to replace it with PCRE. This series of commits goes some small way towards that eventual goal. - - - I wonder if there was a deep reason why we had this? let unix2dos s = String.concat "\r\n" (Str.split_delim (Str.regexp_string "\n") s) I replaced it with what I think should be (nearly) equivalent: let unix2dos s =

Hi, this is the v2 of a series introducing basic support for registering/attaching/unregistering RHEL guests using subscription-manager, so it is possible to do for example: $ virt-customize -a rhel-guest.qcow2 \ --sm-credentials user:file:/path/to/password-file --sm-register \ --sm-attach file:/path/to/pool-file \ --install pkg1 --install pkg2 .. \ --sm-remove --sm-unregister

...ide myscript, I do the following: read -p "Username: " RUSER ssh $RUSER at 127.0.0.1 -p 1023 with this setting, i find these: If i run sshd in debug mode, password is asked in the server window, prints go to client window: server terminal: sshd -d -f /etc/ssh/sshd_config -h /etc/ssh/ssh_key Starting session: forced-command (config) '. /etc/myscript' on pts/3 for customuser from 10.102.12.12 port 41622 admin at 127.0.0.1's password: client terminal: ssh customuser at 10.220.167.18 Username: admin If i run sshd in non interactive mode: it doesnt ask for password at all...

Hi, some time ago I had started working on a rsync-based backup system. After I longer break; I now tried to continue this project but can't get it to work anymore. Maybe somebody here has any idea. The basic setup looks like this: client: $rsync $rsync_opts --rsh="'ssh -i $ssh_key'" $filesystems $bak_host::backup_module/path on the server side, the ssh key triggered a shell script that generated a configuration like [backup_module] path=/some/path use chroot=1 ... and eventually invoked rsync with the command line: rsync --daemon --no-detach --config $cfg_file B...

...keys" ]; then chmod 644 $INSTALL_ROOT/root/.ssh/authorized_keys fi +if [ -f ovirt-ssh_host_dsa_key -f ovirt-ssh_host_dsa_key.pub \ + -f ovirt-ssh_host_key -f ovirt-ssh_host_key.pub \ + -f ovirt-ssh_host_rsa_key -f ovirt-ssh_host_rsa_key.pub ]; then + echo "Adding persistent ssh_keys for host to Image" + mkdir -p $INSTALL_ROOT/etc/ssh + cp -v ovirt-ssh_host_dsa_key $INSTALL_ROOT/etc/ssh/ssh_host_dsa_key + cp -v ovirt-ssh_host_key $INSTALL_ROOT/etc/ssh/ssh_host_key + cp -v ovirt-ssh_host_rsa_key $INSTALL_ROOT/etc/ssh/ssh_host_rsa_key + cp -v ovirt-ssh_host_key....

...hkey { "$hostname": type => rsa, key => $sshrsakey } @@sshkey { "$fqdn": type => rsa, key => $sshrsakey } @@sshkey { "$ipaddress": type => rsa, key => $sshrsakey } } } } class ssh_keys { include ssh_rsa_keys # Now collect everyone else''s keys Sshkey <<| |>> # and my own? Sshkey <| |> }