On Fri, Aug 3, 2018 at 3:24 PM Scott Moser <[email protected]> wrote: > > I really don't know what you're expecting to hear.
The distro put in ssh-keygen service and presumably has a reason for doing so. They may have some expected properties of the types of keys that it generates and cloud-init could generate different keys than what the distro expected. So, for images in which there are both cloud-init and ssh-keygen service, I'd like the distro to make a configuration choice that reflects the intention of the image builder. > cloud-init is guaranteed to run Before ssh-keygen. > Worst case, > a.) ssh-keygen creates keys that cloud-init didn't write (but since > cloud-init deleted *all* keys on new-instance, this actually works pretty > well). > b.) ssh-kegen does nothing and wastes some 'stat' of files that it would > have executed. > > I guess we could drop-in a 'disable' of keygen-service on package install. > that just seems like more work than necessary. Can you imagine a scenario where having both cloud-init and ssh-keygen manage keys is complementary (neither a or b look complementary without further work to understand who created which keys and who is control of when they get deleted)? If not, then why shouldn't we just conflict ? > > -- > https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/349359 > Your team cloud-init commiters is requested to review the proposed merge of > ~smoser/cloud-init:fix/1781094-ssh-deletekeys into cloud-init:master. > > _______________________________________________ > Mailing list: https://launchpad.net/~cloud-init-dev > Post to : [email protected] > Unsubscribe : https://launchpad.net/~cloud-init-dev > More help : https://help.launchpad.net/ListHelp -- https://code.launchpad.net/~smoser/cloud-init/+git/cloud-init/+merge/349359 Your team cloud-init commiters is requested to review the proposed merge of ~smoser/cloud-init:fix/1781094-ssh-deletekeys into cloud-init:master. _______________________________________________ Mailing list: https://launchpad.net/~cloud-init-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~cloud-init-dev More help : https://help.launchpad.net/ListHelp
