diff options
author | Lars Wirzenius <liw@liw.fi> | 2022-08-07 12:43:48 +0000 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2022-08-07 12:43:48 +0000 |
commit | 71027842bfe4ed647e8229f3153cd38397d93a7f (patch) | |
tree | a499812c2dc912a45abb5fecebb2a625fa5a4039 | |
parent | 4a1c88ea93a9f3800e6139d515e27f2cad0680ab (diff) | |
parent | ad40c5178b01cf92296c4329dad5be3b211190cb (diff) | |
download | v-i-71027842bfe4ed647e8229f3153cd38397d93a7f.tar.gz |
Merge branch 'fixes' into 'main'
fix: allow ed25519 for certificates, otherwise certs don't work
See merge request larswirzenius/v-i!34
-rwxr-xr-x | configure-installer | 7 | ||||
-rwxr-xr-x | write-and-config.sh | 21 |
2 files changed, 27 insertions, 1 deletions
diff --git a/configure-installer b/configure-installer index 7596c28..e52aa19 100755 --- a/configure-installer +++ b/configure-installer @@ -1,6 +1,7 @@ #!/usr/bin/python3 import argparse +import glob import os import subprocess import tempfile @@ -86,11 +87,15 @@ def host_id(config, mp): host_key = "/etc/ssh/ssh_host_key" host_cert = "/etc/ssh/ssh_host_key-cert.pub" + # Remove all existing host keys. + for filename in glob.glob(f"{mp}/etc/ssh/ssh_host_*_key*"): + os.remove(filename) + # Note that the order of HostKey and HostCertificate lines matter. write( f"{mp}{config_d}/id.conf", f""" -HostKeyAlgorithms ssh-ed25519 +HostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com HostKey {host_key} HostCertificate {host_cert} """, diff --git a/write-and-config.sh b/write-and-config.sh new file mode 100755 index 0000000..17bf0ac --- /dev/null +++ b/write-and-config.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +set -euo pipefail + +config="$1" +dev="$2" + +echo "Unmounting everything in $dev" +umount -fv "$dev"* || true +echo "Write installer.img to $dev" +dd if=installer.img bs=1M oflag=direct status=progress of="$dev" + +for fs in "$dev"?; do + echo + echo "Fsck file system on $fs" + fsck -f -C0 "$fs" +done + +echo +echo "Configure user CA" +./configure-installer "$config" "$dev" |