Jump to content

[Armbian build PR] - armbian-firstrun: Optionally skip OpenSSH host key regeneration

RSS Bot

By RSS Bot
in SBC News

 Share

Recommended Posts

RSS Bot

RSS Bot

Posted
Posted

Description

Context

systemd's cloud-init.target and armbian-firstrun.service will be started concurrently (both are wanted by multi-user.target). Both will try to create SSH host keys by default:

  • armbian-firstrun will always delete SSH host keys and then generate new ones
  • cloud-init.target (by default) will always delete SSH host keys and then generate new ones.

Problem

When one must run armbian-firstrun and cloud-init, there is no deterministic ordering between the 2 files execution and therefore no one can guarantee which will be last to setup OpenSSH host keys. In my current scenario, host keys are explicitly setup in cloud-init and I would expect armbian-firstrun to not delete keys + no ssh host key generation.

Implemented Solution

armbian-firstrun support user defined config to optionally regenerate SSH host keys:

  • no: no ssh key deleted + no ssh host key generated. Allow cloud-init to take over this behaviour deterministically.
  • yes (or undefined): ssh host key deleted + generated (compatibility: current armbian behaviour)

Documentation summary for feature / change

If documentation entry is predicted, please provide key elements for further implementation into main documentation and set label to "Needs Documentation". You are welcome to open a PR to documentation or you can leave following information for technical writer:

  • [x] short description

armbian-firstrun: Optionally skip OpenSSH host key regeneration

  • [x] summary

To skip armbian-firstrun's OpenSSH host key deletion + regeneration (eg: to let cloud-init set the SSH host keys), then define OPENSSHD_REGENERATE_HOST_KEYS=no in the /path/to/userpatches/config-*.conf file used by ./compile.sh to build the image.

  • [ ] example of usage

See above

How Has This Been Tested?

  • [ ] qemu-x86 board: build with OPENSSHD_REGENERATE_HOST_KEYS=no and expect armbian-firstrun to not regenerate ssh host keys
  • [ ] [Test B](qemu-x86 board: build without OPENSSHD_REGENERATE_HOST_KEYS set and expect armbian-firstrun to regenerate ssh host keys

Checklist:

Please delete options that are not relevant.

  • [x] My code follows the style guidelines of this project
  • [x] I have performed a self-review of my own code
  • [x] I have commented my code, particularly in hard-to-understand areas
  • [x] My changes generate no new warnings

View the full article

Link to comment
Share on other sites

Armbian & Khadas are rewarding contributors

 Share
Go to topic listing
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines

  I accept