Jump to content

Consistent SSH host key setup when cloud-init / armbian-firstrun are both executed


Go to solution Solved by Igor,

Recommended Posts

Hi,

 

Context

 

systemd's cloud-init.target and armbian-firstrun.service will be started concurrently (both are wanted by multi-user.target). Both will try to create SSH host keys by default:

 - armbian-firstrun will always delete SSH host keys and then generate new ones

 - cloud-init.target (by default) will always delete SSH host keys and then generate new ones.

 

Problem

 

When one must run armbian-firstrun and cloud-init, there is no deterministic ordering between the 2 files execution and therefore no one can guarantee which will be last to setup host keys. In my current scenario, host keys are explicitly setup in cloud-init and I would expect armbian-firstrun to not delete keys + no ssh host key generation.

 

Proposed Solution

 

armbian-firstrun support user defined config to control SSH host keys deletion + generation:

- on: ssh host key deleted + generated (compatibility: current armbian behaviour)

- off: no ssh key deleted + no ssh host key generated. Allow cloud-init to take over this behaviour deterministically.

 

Question

 

I am seeking guidance on where the user config setting should be added. Then I can write the if/else condition in the armbian-firstrun script.

Edited by David A
Link to comment
Share on other sites

  • Solution
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines