I have sent another patch, with a config option (Like this, user can define behaviour)
Le jeudi 14 janvier 2021 à 16:20 +0100, aderum...@odiso.com a écrit : > > > We could add vendor data and put the ssh keys there: > > > > > > > > https://cloudinit.readthedocs.io/en/latest/topics/vendordata.html > > > > > technically, it's possible to add host ssh keys with > > > ssh_keys: > rsa_private: | > -----BEGIN RSA PRIVATE KEY----- > MIIBxwIBAAJhAKD0YSHy73nUgysO13XsJmd4fHiFyQ+00R7VVu2iV9Qco > ... > -----END RSA PRIVATE KEY----- > rsa_public: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAGEAoPRhIfLvedSDKw7Xd > > > I had asked about it some months ago,but Dietmar didn't want it > https://lists.proxmox.com/pipermail/pve-devel/2020-June/044104.html > " > ----- Mail original ----- > De: "dietmar" <dietmar at proxmox.com> > À: "pve-devel" <pve-devel at pve.proxmox.com> > Envoyé: Jeudi 25 Juin 2020 11:00:10 > Objet: Re: [pve-devel] cloudinit: generate server ssh keys on proxmox > side ? > > > Maybe could we generate them once at proxmox side ? > > -1 > > Copying private keys is bad . > " > > > > I wasn't aware about ssh_deletekeys at this time, > but it seem a better way to manage this.(keep sshkey generation > inside > the vm, but do it only once) > > > > Le mercredi 13 janvier 2021 à 12:26 +0100, Mira Limbeck a écrit : > > We could add vendor data and put the ssh keys there: > > > > https://cloudinit.readthedocs.io/en/latest/topics/vendordata.html > > > > > > On 1/13/21 10:01 AM, Alexandre Derumier wrote: > > > Currently, we always regenerate sshkeys on any config change. > > > > > > It should be done only before the first vm start, but currently > > > can't known that. > > > > > > So, this patch only do it when vm is running. > > > > > > Signed-off-by: Alexandre Derumier<aderum...@odiso.com> > > > --- > > > PVE/QemuServer/Cloudinit.pm | 2 ++ > > > 1 file changed, 2 insertions(+) > > > > > > diff --git a/PVE/QemuServer/Cloudinit.pm > > > b/PVE/QemuServer/Cloudinit.pm > > > index 52a4203..dd643c1 100644 > > > --- a/PVE/QemuServer/Cloudinit.pm > > > +++ b/PVE/QemuServer/Cloudinit.pm > > > @@ -135,6 +135,8 @@ sub cloudinit_userdata { > > > $content .= " - $k\n"; > > > } > > > } > > > + $content .= "ssh_deletekeys: false\n" if > > > PVE::QemuServer::check_running($vmid); > > > + > > > $content .= "chpasswd:\n"; > > > $content .= " expire: False\n"; > > > > > > > > > _______________________________________________ > > pve-devel mailing list > > pve-devel@lists.proxmox.com > > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > > > > _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel