Updated Branches: refs/heads/4.1 7c7b05f4e -> 421a2308f
CLOUDSTACK-1013 : running cloudstack overwrites default public/private ssh keys The default private/public keypairs in .ssh will not be overwritten. Instead cloudstack will generate a new keypair id_rsa.cloud and id_rsa.cloud.pub and use those in developer mode. To use this insert the (name,value)=(develop,true) tuple into `cloud`.`configuration` Signed-off-by: Prasanna Santhanam <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/421a2308 Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/421a2308 Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/421a2308 Branch: refs/heads/4.1 Commit: 421a2308fb7319b106918f18ad61c407bde1cfe5 Parents: 7c7b05f Author: Harikrishna Patnala <[email protected]> Authored: Thu Mar 7 14:41:54 2013 +0530 Committer: Chip Childers <[email protected]> Committed: Thu Mar 7 10:23:51 2013 -0500 ---------------------------------------------------------------------- .../com/cloud/server/ConfigurationServerImpl.java | 33 ++++++++++----- 1 files changed, 22 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/421a2308/server/src/com/cloud/server/ConfigurationServerImpl.java ----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ConfigurationServerImpl.java b/server/src/com/cloud/server/ConfigurationServerImpl.java
index c5ae1e2..8c665ad 100755
--- a/server/src/com/cloud/server/ConfigurationServerImpl.java
+++ b/server/src/com/cloud/server/ConfigurationServerImpl.java
@@ -603,8 +603,16 @@ public class ConfigurationServerImpl extends ManagerBase implements Configuratio
 throw new CloudRuntimeException("No home directory was detected for the user '" + username + "'. Please check the profile of this user.");
 }
- File privkeyfile = new File(homeDir + "/.ssh/id_rsa");
- File pubkeyfile = new File(homeDir + "/.ssh/id_rsa.pub");
+ // Using non-default file names (id_rsa.cloud and id_rsa.cloud.pub) in developer mode. This is to prevent SSH keys overwritten for user running management server
+ File privkeyfile = null;
+ File pubkeyfile = null;
+ if (devel) {
+ privkeyfile = new File(homeDir + "/.ssh/id_rsa.cloud");
+ pubkeyfile = new File(homeDir + "/.ssh/id_rsa.cloud.pub");
+ } else {
+ privkeyfile = new File(homeDir + "/.ssh/id_rsa");
+ pubkeyfile = new File(homeDir + "/.ssh/id_rsa.pub");
+ }
 if (already == null || already.isEmpty()) {
 if (s_logger.isInfoEnabled()) {
@@ -661,13 +669,8 @@ public class ConfigurationServerImpl extends ManagerBase implements Configuratio
 }
 } else {
- s_logger.info("Keypairs already in database");
- if (username.equalsIgnoreCase("cloud")) {
- s_logger.info("Keypairs already in database, updating local copy");
- updateKeyPairsOnDisk(homeDir);
- } else {
- s_logger.info("Keypairs already in database, skip updating local copy (not running as cloud user)");
- }
+ s_logger.info("Keypairs already in database, updating local copy");
+ updateKeyPairsOnDisk(homeDir);
 }
 s_logger.info("Going to update systemvm iso with generated keypairs if needed");
 try {
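Review bot: The developer/default file-name choice added in the first hunk is repeated in updateKeyPairsOnDisk (the `@@ -726` hunk), so the path this method checks and the path that method writes can drift apart if only one copy is edited later. Deriving the base name once, for example `String keyBase = homeDir + (devel ? "/.ssh/id_rsa.cloud" : "/.ssh/id_rsa");` in a small private helper used by both methods, keeps them in step and removes the need for the `= null` initialisers. `devel` is declared outside this hunk, so it cannot be confirmed from here that it reads the same configuration key as the later hunk.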
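Review bot: Removing the `username.equalsIgnoreCase("cloud")` guard in the `@@ -661` hunk means updateKeyPairsOnDisk(homeDir) now runs for every account, and when the developer flag is not set it writes the database keypair over that account's `.ssh/id_rsa` and `.ssh/id_rsa.pub` (else branch of the `@@ -726` hunk). That is the overwrite the commit title sets out to prevent, and it is now reachable for any non-cloud user who has not set the flag, where the old code skipped the write. Consider keeping the skip for that case, `if (devel || username.equalsIgnoreCase("cloud")) { updateKeyPairsOnDisk(homeDir); }`, with the previous "skip updating local copy" log line in the else branch. This assumes `devel` from the first hunk is in scope here; the enclosing method starts and ends outside the hunk.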
@@ -726,14 +729,22 @@ public class ConfigurationServerImpl extends ManagerBase implements Configuratio
 private void updateKeyPairsOnDisk(String homeDir) {
 File keyDir = new File(homeDir + "/.ssh");
+ Boolean devel = Boolean.valueOf(_configDao.getValue("developer"));
 if (!keyDir.isDirectory()) {
 s_logger.warn("Failed to create " + homeDir + "/.ssh for storing the SSH keypars");
 keyDir.mkdir();
 }
 String pubKey = _configDao.getValue("ssh.publickey");
 String prvKey = _configDao.getValue("ssh.privatekey");
- writeKeyToDisk(prvKey, homeDir + "/.ssh/id_rsa");
- writeKeyToDisk(pubKey, homeDir + "/.ssh/id_rsa.pub");
+
+ // Using non-default file names (id_rsa.cloud and id_rsa.cloud.pub) in developer mode. This is to prevent SSH keys overwritten for user running management server
+ if( devel ) {
+ writeKeyToDisk(prvKey, homeDir + "/.ssh/id_rsa.cloud");
+ writeKeyToDisk(pubKey, homeDir + "/.ssh/id_rsa.cloud.pub");
+ } else {
+ writeKeyToDisk(prvKey, homeDir + "/.ssh/id_rsa");
+ writeKeyToDisk(pubKey, homeDir + "/.ssh/id_rsa.pub");
+ }
 }
 protected void injectSshKeysIntoSystemVmIsoPatch(String publicKeyPath, String privKeyPath) {
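Review bot: The flag is read from the configuration key `developer` on the added `Boolean devel` line, while the commit description tells operators to insert `(develop,true)`; an operator following the description leaves the flag false, and the else branch then still overwrites the default `id_rsa` files. The key name should be a single shared constant, with a comment on this line naming the exact row to insert. The boxed value is also unnecessary: `boolean devel = Boolean.parseBoolean(_configDao.getValue("developer"));` does the same without unboxing in `if( devel )`. writeKeyToDisk is outside the hunk; because `id_rsa.cloud` is a newly created private-key file, it is worth confirming that the helper creates it with owner-only permissions.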
