Merge branch 'fixes' into 'main'

fix: allow ed25519 for certificates, otherwise certs don't work

See merge request larswirzenius/v-i!34

2 files changed, 27 insertions, 1 deletions

diff --git a/configure-installer b/configure-installer
index 7596c28..e52aa19 100755
--- a/configure-installer
+++ b/configure-installer
@@ -1,6 +1,7 @@
 #!/usr/bin/python3
 
 import argparse
+import glob
 import os
 import subprocess
 import tempfile
@@ -86,11 +87,15 @@ def host_id(config, mp):
     host_key = "/etc/ssh/ssh_host_key"
     host_cert = "/etc/ssh/ssh_host_key-cert.pub"
 
+    # Remove all existing host keys.
+    for filename in glob.glob(f"{mp}/etc/ssh/ssh_host_*_key*"):
+        os.remove(filename)
+
     # Note that the order of HostKey and HostCertificate lines matter.
     write(
         f"{mp}{config_d}/id.conf",
         f"""
-HostKeyAlgorithms ssh-ed25519
+HostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com
 HostKey {host_key}
 HostCertificate {host_cert}
 """,
diff --git a/write-and-config.sh b/write-and-config.sh
new file mode 100755
index 0000000..17bf0ac
--- /dev/null
+++ b/write-and-config.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -euo pipefail
+
+config="$1"
+dev="$2"
+
+echo "Unmounting everything in $dev"
+umount -fv "$dev"* || true
+echo "Write installer.img to $dev"
+dd if=installer.img bs=1M oflag=direct status=progress of="$dev"
+
+for fs in "$dev"?; do
+	echo
+	echo "Fsck file system on $fs"
+	fsck -f -C0 "$fs"
+done
+
+echo
+echo "Configure user CA"
+./configure-installer "$config" "$dev"