On Wed, Aug 1, 2018 at 12:09 PM Scott Moser <[email protected]> wrote: > > I do not think we should leave this line in the file. > Thats confusing. No other distro's cloud.cfg would > have such a line. > > > Diff comments: > > > diff --git a/config/cloud.cfg.tmpl b/config/cloud.cfg.tmpl > > index 5619de3..1fef133 100644 > > --- a/config/cloud.cfg.tmpl > > +++ b/config/cloud.cfg.tmpl > > @@ -24,8 +24,6 @@ disable_root: true > > {% if variant in ["centos", "fedora", "rhel"] %} > > mount_default_fields: [~, ~, 'auto', 'defaults,nofail', '0', '2'] > > resize_rootfs_tmp: /dev > > -ssh_deletekeys: 0 > > -ssh_genkeytypes: ~ > > if we left it as null, it would not generate any keys. > We need it to generate keys.
Why? Isn't ssh-keygen service generating keys?

>
> You are correct in that it will generate the default key
> types for cloud-init, which will not necessarily be the
> same as those in ssh-keygen service.
>
> However, cloud-init will *remove* all ssh host keys that match
> /etc/ssh/ssh_host_*key*
> So we won't have stale keys sitting around.

Hrm, is the goal then to have cloud-init wipe *all* keys even if it
didn't generate them on new-instance? That would include any keys
generated by the ssh-keygen service? And if so, is that OK for cloud-init
to do? And from above, if ssh-keygen service is already creating keys,
should cloud-init create keys as well?

--
https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/349359
Your team cloud-init commiters is requested to review the proposed merge of ~smoser/cloud-init:fix/1781094-ssh-deletekeys into cloud-init:master.
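
Review bot: The two removed lines, `ssh_deletekeys: 0` and `ssh_genkeytypes: ~`, sit inside the `{% if variant in ["centos", "fedora", "rhel"] %}` block of config/cloud.cfg.tmpl and nothing replaces them, so host-key handling on those variants changes with no comment in the template or visible documentation recording it. Per the replies quoted around the hunk, cloud-init will now remove every host key matching /etc/ssh/ssh_host_*key* and generate its own default key types, which may differ from what the ssh-keygen service creates. Please state in the commit message or the docs that this is intended for these variants, and say whether keys created by the ssh-keygen service are expected to be wiped on a new instance, since the thread leaves that question open.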

