[pve-devel] [PATCH container] fix #1253: display SSH fingerprints on CT setup

Fabian Gr├╝nbichler f.gruenbichler at proxmox.com
Tue Jan 17 14:12:34 CET 2017


Signed-off-by: Fabian Gr├╝nbichler <f.gruenbichler at proxmox.com>
---
Since we are using the host's ssh-keygen, this output should be very stable.

 src/PVE/LXC/Setup.pm | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/PVE/LXC/Setup.pm b/src/PVE/LXC/Setup.pm
index b9e112b..1baeaa2 100644
--- a/src/PVE/LXC/Setup.pm
+++ b/src/PVE/LXC/Setup.pm
@@ -218,17 +218,24 @@ sub rewrite_ssh_host_keys {
 
     my $hostname = $conf->{hostname} || 'localhost';
     $hostname =~ s/\..*$//;
+    my $ssh_comment = "root\@$hostname";
 
-    # Create temporary keys in /tmp on the host
+    my $keygen_outfunc = sub {
+	my $line = shift;
+
+	print "done: $line\n"
+	    if ($line =~ m/^([0-9a-f]{2}:)+[0-9a-f]{2}\s+\Q$ssh_comment\E$/i);
+    };
 
+    # Create temporary keys in /tmp on the host
     my $keyfiles = {};
     foreach my $keytype (keys %$keynames) {
 	my $basename = $keynames->{$keytype};
 	my $file = "/tmp/$$.$basename";
 	print "Creating SSH host key '$basename' - this may take some time ...\n";
-	my $cmd = ['ssh-keygen', '-q', '-f', $file, '-t', $keytype,
-		   '-N', '', '-C', "root\@$hostname"];
-	PVE::Tools::run_command($cmd);
+	my $cmd = ['ssh-keygen', '-f', $file, '-t', $keytype,
+		   '-N', '', '-C', $ssh_comment];
+	PVE::Tools::run_command($cmd, outfunc => $keygen_outfunc);
 	$keyfiles->{"/etc/ssh/$basename"} = [PVE::Tools::file_get_contents($file), 0600];
 	$keyfiles->{"/etc/ssh/$basename.pub"} = [PVE::Tools::file_get_contents("$file.pub"), 0644];
 	unlink $file;
-- 
2.1.4




More information about the pve-devel mailing list