Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

encrypted ssh keys are overwritten if a pass_phrase is not defined #9

Open
cfortier2 opened this issue Jul 10, 2014 · 2 comments
Open

encrypted ssh keys are overwritten if a pass_phrase is not defined #9

cfortier2 opened this issue Jul 10, 2014 · 2 comments
Assignees
@tyler-ball
Labels
Priority: Critical Triage: Needs Information Indicates an issue needs more information in order to work on it. Type: Bug Does not work as expected.
Milestone
Accepted Minor

Comments

@cfortier2
Copy link

If you attempt to use an existing encrypted ssh_key but do not provide a pass_phrase, the keyformatter can't read key and is 'rescued' by returning nil.

The private_key class receives a 'nil' key and generates then overwrites the existing key.
@cfortier2 cfortier2 mentioned this issue Jul 10, 2014
Closed
@cfortier2
Copy link
Author

the issue can be replicated by:
create encrypted ssh keys
add those keys to AWS account

run chef-metal with a block like:
fog_key_pair 'foo' do
private_key_path "#{ec2keydir}/foo"
public_key_path "#{ec2keydir}/foo.pub"
end

chef will error out with mismatched fingerprints and the original ssh key will be overwritten.

@jkeiser jkeiser added this to the 1.0 milestone Aug 19, 2014
@jkeiser jkeiser added the bug label Aug 19, 2014
@jkeiser jkeiser added the ready label Feb 26, 2015
@tyler-ball tyler-ball self-assigned this Mar 17, 2015
@lamont-granquist lamont-granquist removed this from the 1.0 milestone Dec 7, 2016
@lamont-granquist
Copy link
Contributor

this is rather bad.

@thommay thommay added this to the Accepted Minor milestone Dec 7, 2016
@tas50 tas50 added Triage: Needs Information Indicates an issue needs more information in order to work on it. and removed Status: Pending Contributor Response labels Dec 22, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tyler-ball tyler-ball

Labels
Priority: Critical Triage: Needs Information Indicates an issue needs more information in order to work on it. Type: Bug Does not work as expected.
Projects
None yet
Milestone
Accepted Minor
Development

Successfully merging a pull request may close this issue.

add checking and error handling for encrypted keys and pass_phrases cfortier2/cheffish
6 participants
@thommay @lamont-granquist @jkeiser @tas50 @tyler-ball @cfortier2