cloud-init fails to disable ecdsa-sha2-nitp521 keys
Bug #1658174 reported by
Lars Kellogg-Stedman
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| cloud-init |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
cloud-init adds ssh_authorized_keys to the default user fedora and to root but for root it disables the keys with a prefix command that echoes the helpful message:
'Please login as the user "fedora" rather than the user "root".'
However, if the key is of type ecdsa-sha2-
This means that ECDSA keys can be used to login to root.
Related branches
~larsks/cloud-init:fedora/1151824
- cloud-init Commiters: Pending requested
-
Diff: 47 lines (+15/-1)2 files modifiedcloudinit/ssh_util.py (+3/-0)
tests/unittests/test_sshutil.py (+12/-1)
| Changed in cloud-init: | |
| status: | New → Fix Committed |
| importance: | Undecided → Medium |
Revision history for this message
| Scott Moser (smoser) wrote Fixed in Cloud-init 17.1 | #1 |
| Changed in cloud-init: | |
| status: | Fix Committed → Fix Released |
Revision history for this message
| James Falcon (falcojr) wrote | #2 |
To post a comment you must log in.
This bug is believed to be fixed in cloud-init in 17.1. If this is still a problem for you, please make a comment and set the state back to New
Thank you.