author | Konrad Bańka <k.banka@samsung.com> | 2019-06-10 14:03:45 +0200 |
---|---|---|
committer | Konrad Bańka <k.banka@samsung.com> | 2019-06-21 11:22:37 +0200 |
commit | 46c5d310b24563ba9de00d0583e76742efc2cc0d (patch) | |
tree | cea795d804688497fd18befef4aef55cdeeda157 /kud | |
parent | 2860cd0ee42a205ea3c565c9953ff15bd79fcc25 (diff) |
Make aio.sh preserve host's ssh keys if possible
aio.sh script creates rsa key that is also added to host's authorized_keys.
Currently, existing id_rsa keys are removed in order to generate fresh key each time.
This change makes setup script reuse existing key when possible.
Issue-ID: MULTICLOUD-676
Change-Id: I3b6b837f64dabd3cb6a14aa5ea65e67c6b8db6a8
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Diffstat (limited to 'kud')
-rwxr-xr-x | kud/hosting_providers/baremetal/aio.sh | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/kud/hosting_providers/baremetal/aio.sh b/kud/hosting_providers/baremetal/aio.sh index c1aac6ac..c9fac098 100755 --- a/kud/hosting_providers/baremetal/aio.sh +++ b/kud/hosting_providers/baremetal/aio.sh @@ -18,7 +18,7 @@ cd ${aio_dir}/../vagrant # For aio inventory by default get ovn central ip from local host default interface. # This variable used only in this file, but env variable defined to enable user to override it prior calling aio.sh. OVN_CENTRAL_IP_ADDRESS=${OVN_CENTRAL_IP_ADDRESS:-$(hostname -I | cut -d ' ' -f 1)} - +echo "Preparing inventory for ansible" cat <<EOL > inventory/hosts.ini [all] localhost ansible_ssh_host=${OVN_CENTRAL_IP_ADDRESS} ansible_ssh_port=22 @@ -46,9 +46,14 @@ kube-node kube-master EOL -rm -f ~/.ssh/id_rsa -echo -e "\n\n\n" | ssh-keygen -t rsa -N "" -cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys +if ! [ -f ~/.ssh/id_rsa ]; then + echo "Generating rsa key for this host" + ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa <&- +fi +if ! grep -qF "$(ssh-keygen -y -f ~/.ssh/id_rsa)" ~/.ssh/authorized_keys; then + echo "Allowing present ~/.ssh/id_rsa key to be used for login to this host" + ssh-keygen -y -f ~/.ssh/id_rsa >> ~/.ssh/authorized_keys +fi chmod og-wx ~/.ssh/authorized_keys echo "Enabling nested-virtualization" |
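Review bot: in the first hunk (@@ -18,7 +18,7 @@), the new `echo "Preparing inventory for ansible"` replaces the blank line that separated the `OVN_CENTRAL_IP_ADDRESS` assignment from the `cat <<EOL` heredoc. Keep the blank line and put the echo under it, so the two comment lines above still read as belonging to the assignment only.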
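Review bot: in the second hunk (@@ -46,9 +46,14 @@), the check `grep -qF "$(ssh-keygen -y -f ~/.ssh/id_rsa)" ~/.ssh/authorized_keys` treats a failed `ssh-keygen -y` as "key already present". If the reused `~/.ssh/id_rsa` is passphrase-protected or unreadable, the command substitution is empty, `grep -F ""` matches every line of a non-empty authorized_keys, and the append is skipped without any message. Run `ssh-keygen -y` once into a variable, exit with an error when it is empty, and use that variable for both the grep and the append. Two smaller points in the same hunk: when `~/.ssh/authorized_keys` does not exist yet, grep prints a "No such file" error before the append creates it, so create the file first or silence stderr; and because an existing key is now reused rather than replaced, the script grants login on this host to a private key it did not create, which deserves a comment next to the "Allowing present ~/.ssh/id_rsa key" echo.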