Skip to content

Commit

Permalink
Properly configure SSH from scratch
Browse files Browse the repository at this point in the history 
dpkg-reconfigure clearly is designed for interactive use. Cloud images
have SSH preinstalled and keys are generated by cloud-init, but
Subiquity installs the `openssh-server` package if selected in the
installer. This seems like reasonable behavior to emulate in a world
where we aren't triggering cloud-init behavior.

See https://github.com/canonical/subiquity/blob/1c4c99562ef678da5fe06cd810a4268d9f63fda4/subiquity/models/ssh.py#L34
  • Loading branch information
@strugee
strugee committed Oct 2, 2024
1 parent e2ed32b commit 68760e5
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions build.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,13 +53,14 @@ EOF
# Generate SSH keys on first boot
cat > $mnt/etc/systemd/system/ssh-hostkey-generate.service <<EOF
[Unit]
Description=Generate SSH keys on first container boot
Description=Properly configure OpenSSH keys on first container boot
Before=ssh.service
ConditionPathExists=!/etc/ssh/ssh_host_rsa_key
[Service]
Type=oneshot
ExecStart=dpkg-reconfigure --default-priority --frontend=noninteractive openssh-server
Environment=DEBIAN_FRONTEND=noninteractive
ExecStart=apt-get install --reinstall -qq -y openssh-server
[Install]
WantedBy=ssh.service
Expand Down

0 comments on commit 68760e5

Please sign in to comment.