[pve-devel] applied: [PATCH container] fix #1253: display SSH fingerprints on CT setup

Wolfgang Bumiller w.bumiller at proxmox.com
Wed Jan 18 11:11:29 CET 2017


applied

On Tue, Jan 17, 2017 at 02:12:34PM +0100, Fabian Grünbichler wrote:
> Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
> ---
> Since we are using the host's ssh-keygen, this output should be very stable.
> 
>  src/PVE/LXC/Setup.pm | 15 +++++++++++----
>  1 file changed, 11 insertions(+), 4 deletions(-)
> 
> diff --git a/src/PVE/LXC/Setup.pm b/src/PVE/LXC/Setup.pm
> index b9e112b..1baeaa2 100644
> --- a/src/PVE/LXC/Setup.pm
> +++ b/src/PVE/LXC/Setup.pm
> @@ -218,17 +218,24 @@ sub rewrite_ssh_host_keys {
>  
>      my $hostname = $conf->{hostname} || 'localhost';
>      $hostname =~ s/\..*$//;
> +    my $ssh_comment = "root\@$hostname";
>  
> -    # Create temporary keys in /tmp on the host
> +    my $keygen_outfunc = sub {
> +	my $line = shift;
> +
> +	print "done: $line\n"
> +	    if ($line =~ m/^([0-9a-f]{2}:)+[0-9a-f]{2}\s+\Q$ssh_comment\E$/i);
> +    };
>  
> +    # Create temporary keys in /tmp on the host
>      my $keyfiles = {};
>      foreach my $keytype (keys %$keynames) {
>  	my $basename = $keynames->{$keytype};
>  	my $file = "/tmp/$$.$basename";
>  	print "Creating SSH host key '$basename' - this may take some time ...\n";
> -	my $cmd = ['ssh-keygen', '-q', '-f', $file, '-t', $keytype,
> -		   '-N', '', '-C', "root\@$hostname"];
> -	PVE::Tools::run_command($cmd);
> +	my $cmd = ['ssh-keygen', '-f', $file, '-t', $keytype,
> +		   '-N', '', '-C', $ssh_comment];
> +	PVE::Tools::run_command($cmd, outfunc => $keygen_outfunc);
>  	$keyfiles->{"/etc/ssh/$basename"} = [PVE::Tools::file_get_contents($file), 0600];
>  	$keyfiles->{"/etc/ssh/$basename.pub"} = [PVE::Tools::file_get_contents("$file.pub"), 0644];
>  	unlink $file;
> -- 
> 2.1.4




More information about the pve-devel mailing list