[Libguestfs] [PATCH] customize: Add --ssh-inject option for injecting SSH keys.
Pino Toscano
ptoscano at redhat.com
Mon Nov 3 11:09:46 UTC 2014
On Sunday 02 November 2014 12:46:40 Richard W.M. Jones wrote:
> This adds a customize option:
>
> virt-customize --ssh-inject USER[=KEY]
> virt-builder --ssh-inject USER[=KEY]
> virt-sysprep --ssh-inject USER[=KEY]
>
> In each case this either injects the current (host) user's ssh pubkey
> into the guest user USER (adding it to ~USER/.ssh/authorized_keys in
> the guest), or you can specify a particular key.
>
> For example:
>
> virt-builder fedora-20 --ssh-inject root
>
> will add the local user's ssh pubkey into the root account of the
> newly created guest. Or:
>
> virt-customize -a disk.img \
> --ssh-inject 'mary=ssh-rsa AAAA.... mary at localhost'
>
> adds the given ssh pubkey to mary's account in the guest.
I like the idea of this patch, I have just a couple of notes.
> + (* Find the local [on the host] user's SSH public key. See
> + * ssh-copy-id(1) default_ID_file for rationale.
> + *)
> + let pubkey_re = Str.regexp "^id.*\\.pub$" in
> + let pubkey_ignore_re = Str.regexp ".*-cert\\.pub$" in
> +
> [...]
> + let files = Sys.readdir ssh_dir in
> + let files = Array.to_list files in
> + let files = List.filter (
> + fun file ->
> + Str.string_match pubkey_re file 0 &&
> + not (Str.string_match pubkey_ignore_re file 0)
> + ) files in
Small niptick: this might as well not use regexp.
Also, it seems to handle either the most recent id*.pub key of the user,
or a key specified as string. What about using a selector syntax for
--ssh-inject, so:
--ssh-inject USER <- recent id*.pub key
--ssh-inject "USER:string:ssh-rsa AAAA.... user at localhost" <- string
--ssh-inject USER:file:somekey.pub <- stored in a .pub file
I can do the changes above, in case.
Thanks,
--
Pino Toscano
More information about the Libguestfs
mailing list