From: Marc Fiuczynski Date: Sat, 24 Oct 2009 12:29:16 +0000 (+0000) Subject: Revert to keep the root ssh key around. X-Git-Tag: MyPLC-4.3-29~5 X-Git-Url: http://git.onelab.eu/?p=myplc.git;a=commitdiff_plain;h=5b43ff1334e3b05809f742323bf867b8aa022dab Revert to keep the root ssh key around. --- diff --git a/default_config.xml b/default_config.xml index e2204b8..7a59c9d 100644 --- a/default_config.xml +++ b/default_config.xml @@ -75,6 +75,20 @@ $URL$ be downloaded, or its contents replaced by a file upload, but the actual shouldn't need to be changed. --> + + Root SSH Public Key + /etc/planetlab/root_ssh_key.pub + The SSH public key used to access the root + account on your nodes. + + + + Root SSH Private Key + /etc/planetlab/root_ssh_key.rsa + The SSH private key used to access the root + account on your nodes. + + Debug SSH Public Key /etc/planetlab/debug_ssh_key.pub diff --git a/plc.d/ssh b/plc.d/ssh index db47023..f667372 100755 --- a/plc.d/ssh +++ b/plc.d/ssh @@ -20,6 +20,8 @@ set -x # XXX Could make these configurable +KEY_TYPE_ROOT=rsa +KEY_LEN_ROOT=1024 KEY_TYPE_DEBUG=rsa KEY_LEN_DEBUG=2048 @@ -30,6 +32,15 @@ case "$1" in tmp=$(mktemp -d /tmp/ssh.XXXXXX) + # Generate root SSH key + if [ ! -f $PLC_ROOT_SSH_KEY_PUB -o ! -f $PLC_ROOT_SSH_KEY ] ; then + ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \ + -b $KEY_LEN_ROOT -t $KEY_TYPE_ROOT -f $tmp/root + check + install -D -m 600 $tmp/root $PLC_ROOT_SSH_KEY + install -D -m 644 $tmp/root.pub $PLC_ROOT_SSH_KEY_PUB + fi + # Generate debug SSH key if [ ! -f $PLC_DEBUG_SSH_KEY_PUB -o ! -f $PLC_DEBUG_SSH_KEY ] ; then ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \