# -*-sh-*-
+# $Id$
+# $URL$
# this file defines a few convenience bash shorthands for managing myplc nodes
# it is installed in /usr/share/myplc/aliases
# you might wish to use it in your own bash startup files (.profile/.bashrc)
[[ -z "$@" ]] && { echo "Usage: $0 hostname [command]" ; return 1; }
node_key /etc/planetlab/debug_ssh_key.rsa "$@"
}
-function node_boot () {
- [[ -z "$@" ]] && { echo "Usage: $0 hostname [command]" ; return 1; }
- node_key /etc/planetlab/root_ssh_key.rsa "$@"
-}
-
function nodes_dbg () {
[[ -z "$@" ]] && { echo "Usage: $0 hosts_file [command]" ; return 1; }
node_keys /etc/planetlab/debug_ssh_key.rsa "$@"
}
-function nodes_boot () {
- [[ -z "$@" ]] && { echo "Usage: $0 hosts_file [command]" ; return 1; }
- nodes_key /etc/planetlab/root_ssh_key.rsa "$@"
-}
-
-function clear_keys () {
+function clear_known_hosts () {
for hostname in "$@"; do
sed -i "/$hostname/d" ~/.ssh/known_hosts
done
-}
-
+}
# -*-python-*-
+# $Id$
+# $URL$
#################### conf files
# Setup default PlanetLabConf entries
'always_update': False},
# SSH server configuration
+ # keys for root and site_admin are now handled as part of the specialaccounts NodeManager plugin
{'enabled': True,
'source': 'PlanetLabConf/sshd_config',
'dest': '/etc/ssh/sshd_config',
'ignore_cmd_errors': False,
'always_update': False},
- # Administrative SSH keys
- {'enabled': True,
- 'source': 'PlanetLabConf/keys.php?root',
- 'dest': '/root/.ssh/authorized_keys',
- 'file_permissions': '644',
- 'file_owner': 'root',
- 'file_group': 'root',
- 'preinstall_cmd': '',
- 'postinstall_cmd': '/bin/chmod 700 /root/.ssh',
- 'error_cmd': '',
- 'ignore_cmd_errors': False,
- 'always_update': False},
- {'enabled': True,
- 'source': 'PlanetLabConf/keys.php?site_admin',
- 'dest': '/home/site_admin/.ssh/authorized_keys',
- 'file_permissions': '400',
- 'file_owner': 'site_admin',
- 'file_group': 'site_admin',
- 'preinstall_cmd': 'grep -q site_admin /etc/passwd',
- 'postinstall_cmd': '/bin/chmod 700 /home/site_admin/.ssh;/bin/chown site_admin:site_admin /home/site_admin/.ssh',
- 'error_cmd': '',
- 'ignore_cmd_errors': False,
- 'always_update': False},
# Log rotation configuration
{'enabled': True,
'source': 'PlanetLabConf/logrotate.conf',
Copyright (C) 2006 The Trustees of Princeton University
$Id$
+$URL$
-->
<!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "plc_config.dtd">
be downloaded, or its contents replaced by a file upload,
but the actual <value> shouldn't need to be changed. -->
- <variable id="root_ssh_key_pub" type="file">
- <name>Root SSH Public Key</name>
- <value>/etc/planetlab/root_ssh_key.pub</value>
- <description>The SSH public key used to access the root
- account on your nodes.</description>
- </variable>
-
- <variable id="root_ssh_key" type="file">
- <name>Root SSH Private Key</name>
- <value>/etc/planetlab/root_ssh_key.rsa</value>
- <description>The SSH private key used to access the root
- account on your nodes.</description>
- </variable>
-
<variable id="debug_ssh_key_pub" type="file">
<name>Debug SSH Public Key</name>
<value>/etc/planetlab/debug_ssh_key.pub</value>
#!/bin/bash
+# $Id$
+# $URL$
#
# priority: 600
#
set -x
# XXX Could make these configurable
-KEY_TYPE_ROOT=rsa
-KEY_LEN_ROOT=1024
KEY_TYPE_DEBUG=rsa
KEY_LEN_DEBUG=2048
tmp=$(mktemp -d /tmp/ssh.XXXXXX)
- # Generate root SSH key
- if [ ! -f $PLC_ROOT_SSH_KEY_PUB -o ! -f $PLC_ROOT_SSH_KEY ] ; then
- ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \
- -b $KEY_LEN_ROOT -t $KEY_TYPE_ROOT -f $tmp/root
- check
- install -D -m 600 $tmp/root $PLC_ROOT_SSH_KEY
- install -D -m 644 $tmp/root.pub $PLC_ROOT_SSH_KEY_PUB
- fi
-
# Generate debug SSH key
if [ ! -f $PLC_DEBUG_SSH_KEY_PUB -o ! -f $PLC_DEBUG_SSH_KEY ] ; then
ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \
# description: Manages all PLC services on this machine
#
# $Id$
+# $URL$
#
# Source function library and configuration