mirrors/libguestfs
1
0
Fork 0
mirror of https://github.com/libguestfs/libguestfs.git synced 2026-03-22 07:03:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f24753ebb01ac96c092ee11aaa3f08df40d7ca00
libguestfs/customize/ssh_key.mli
Pino Toscano 3d6c2af450 customize: Add --ssh-inject option for injecting SSH keys. 
This adds a customize option:

  virt-customize --ssh-inject USER
  virt-customize --ssh-inject USER:string:KEY_STRING
  virt-customize --ssh-inject USER:file:FILENAME

(ditto for virt-builder and virt-sysprep)

In each case this injects into the guest user USER
a) the current (host) user's ssh pubkey
b) the key specified as KEY_STRING
c) the key in FILENAME
adding it to ~USER/.ssh/authorized_keys in the guest.

For example:

  virt-builder fedora-20 --ssh-inject root

will add the local user's ssh pubkey into the root account of the
newly created guest.  Or:

  virt-customize -a disk.img \
     --ssh-inject 'mary:string:ssh-rsa AAAA.... mary@localhost'

adds the given ssh pubkey to mary's account in the guest.

This doesn't set the SELinux labels correctly on newly created files
and directories, so you have to use --selinux-relabel (probably we
should fix this as part of the general effort to fix SELinux
relabelling).  However it should preserve the labels if the
~/.ssh/authorized_keys file already exists.

Most of this work is based on a patch sent to the mailing list by
Richard W.M. Jones <rjones@redhat.com>:
https://www.redhat.com/archives/libguestfs/2014-November/msg00000.html
2014-11-03 20:47:38 +01:00

33 lines
1.4 KiB
OCaml
Raw Blame History

(* virt-customize
* Copyright (C) 2014 Red Hat Inc.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*)
type ssh_key_selector =
| SystemKey (* Default key from the user in the system, in
* the style of ssh-copy-id(1)/default_ID_file.
*)
| KeyFile of string (* Key from the specified file. *)
| KeyString of string (* Key specified as string. *)
val parse_selector : string -> ssh_key_selector
(** Parse the selector field in --ssh-inject. Note this
doesn't parse the username part. Exits if the format is not valid. *)
val do_ssh_inject_unix : Guestfs.guestfs -> string -> ssh_key_selector -> unit
(** Inject on a generic Unix system (Linux, FreeBSD, etc) the ssh key
for the specified user. *)
Reference in New Issue View Git Blame Copy Permalink