Revert to keep the root ssh key around.

diff --git a/default_config.xml b/default_config.xml
index e2204b8..7a59c9d 100644 (file)
--- a/default_config.xml
+++ b/default_config.xml
@@ -75,6 +75,20 @@ $URL$
             be downloaded, or its contents replaced by a file upload,
             but the actual <value> shouldn't need to be changed.  -->
 
+       <variable id="root_ssh_key_pub" type="file">
+         <name>Root SSH Public Key</name>
+         <value>/etc/planetlab/root_ssh_key.pub</value>
+         <description>The SSH public key used to access the root
+         account on your nodes.</description>
+       </variable>
+
+       <variable id="root_ssh_key" type="file">
+         <name>Root SSH Private Key</name>
+         <value>/etc/planetlab/root_ssh_key.rsa</value>
+         <description>The SSH private key used to access the root
+         account on your nodes.</description>
+       </variable>
+
        <variable id="debug_ssh_key_pub" type="file">
          <name>Debug SSH Public Key</name>
          <value>/etc/planetlab/debug_ssh_key.pub</value>

diff --git a/plc.d/ssh b/plc.d/ssh
index db47023..f667372 100755 (executable)
--- a/plc.d/ssh
+++ b/plc.d/ssh
@@ -20,6 +20,8 @@
 set -x
 
 # XXX Could make these configurable
+KEY_TYPE_ROOT=rsa
+KEY_LEN_ROOT=1024
 KEY_TYPE_DEBUG=rsa
 KEY_LEN_DEBUG=2048     
 
@@ -30,6 +32,15 @@ case "$1" in
 
        tmp=$(mktemp -d /tmp/ssh.XXXXXX)
 
+       # Generate root SSH key
+       if [ ! -f $PLC_ROOT_SSH_KEY_PUB -o ! -f $PLC_ROOT_SSH_KEY ] ; then
+           ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \
+               -b $KEY_LEN_ROOT -t $KEY_TYPE_ROOT -f $tmp/root
+           check
+           install -D -m 600 $tmp/root $PLC_ROOT_SSH_KEY
+           install -D -m 644 $tmp/root.pub $PLC_ROOT_SSH_KEY_PUB
+       fi
+
        # Generate debug SSH key
        if [ ! -f $PLC_DEBUG_SSH_KEY_PUB -o ! -f $PLC_DEBUG_SSH_KEY ] ; then
            ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \