From 5b43ff1334e3b05809f742323bf867b8aa022dab Mon Sep 17 00:00:00 2001 From: Marc Fiuczynski Date: Sat, 24 Oct 2009 12:29:16 +0000 Subject: [PATCH] Revert to keep the root ssh key around. --- default_config.xml | 14 ++++++++++++++ plc.d/ssh | 11 +++++++++++ 2 files changed, 25 insertions(+) diff --git a/default_config.xml b/default_config.xml index e2204b8..7a59c9d 100644 --- a/default_config.xml +++ b/default_config.xml @@ -75,6 +75,20 @@ $URL$ be downloaded, or its contents replaced by a file upload, but the actual shouldn't need to be changed. --> + + Root SSH Public Key + /etc/planetlab/root_ssh_key.pub + The SSH public key used to access the root + account on your nodes. + + + + Root SSH Private Key + /etc/planetlab/root_ssh_key.rsa + The SSH private key used to access the root + account on your nodes. + + Debug SSH Public Key /etc/planetlab/debug_ssh_key.pub diff --git a/plc.d/ssh b/plc.d/ssh index db47023..f667372 100755 --- a/plc.d/ssh +++ b/plc.d/ssh @@ -20,6 +20,8 @@ set -x # XXX Could make these configurable +KEY_TYPE_ROOT=rsa +KEY_LEN_ROOT=1024 KEY_TYPE_DEBUG=rsa KEY_LEN_DEBUG=2048 @@ -30,6 +32,15 @@ case "$1" in tmp=$(mktemp -d /tmp/ssh.XXXXXX) + # Generate root SSH key + if [ ! -f $PLC_ROOT_SSH_KEY_PUB -o ! -f $PLC_ROOT_SSH_KEY ] ; then + ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \ + -b $KEY_LEN_ROOT -t $KEY_TYPE_ROOT -f $tmp/root + check + install -D -m 600 $tmp/root $PLC_ROOT_SSH_KEY + install -D -m 644 $tmp/root.pub $PLC_ROOT_SSH_KEY_PUB + fi + # Generate debug SSH key if [ ! -f $PLC_DEBUG_SSH_KEY_PUB -o ! -f $PLC_DEBUG_SSH_KEY ] ; then ssh-keygen -N "" -C "$PLC_NAME Central <$PLC_MAIL_SUPPORT_ADDRESS>" \ -- 2.43.0