From bf9efeca649af6128fb4c0171299ad3f65485b6e Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sun, 7 Aug 2022 15:47:14 +0300 Subject: chore: drop obsolete set-authorized-key, set-user-ca-pubkey scripts Sponsored-by: author --- set-authorized-keys | 31 ------------------------------- set-user-ca-pubkey | 32 -------------------------------- 2 files changed, 63 deletions(-) delete mode 100755 set-authorized-keys delete mode 100755 set-user-ca-pubkey diff --git a/set-authorized-keys b/set-authorized-keys deleted file mode 100755 index 2151bc9..0000000 --- a/set-authorized-keys +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -die() { - echo "ERROR: $*" 1>&2 - exit 1 -} - -cleanup() { - umount "$drive" || true - rmdir "$mnt" -} - -trap cleanup EXIT - -drive="$1" -pubkey="$2" - -[ -e "$drive" ] || die "$drive does not exist" -[ -e "$pubkey" ] || die "$pubkey does not exist" - -mnt="$(mktemp -d)" -mount "$drive" "$mnt" -if [ ! -e "$mnt/root/.ssh" ]; then - install -d "$mnt/root/.ssh" -fi - -authz="$mnt/root/.ssh/authorized_keys" -[ ! -e "$authz" ] || die "$authz already exists" -install -m 0600 "$pubkey" "$authz" diff --git a/set-user-ca-pubkey b/set-user-ca-pubkey deleted file mode 100755 index 0bac587..0000000 --- a/set-user-ca-pubkey +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -die() { - echo "ERROR: $*" 1>&2 - exit 1 -} - -cleanup() { - umount "$drive" || true - rmdir "$mnt" -} - -trap cleanup EXIT - -drive="$1" -pubkey="$2" - -[ -e "$drive" ] || die "$drive does not exist" -[ -e "$pubkey" ] || die "$pubkey does not exist" - -mnt="$(mktemp -d)" -mount "$drive" "$mnt" - -include="$mnt/etc/ssh/sshd_config.d/userca.conf" -echo "TrustedUserCAKeys /etc/ssh/user_ca_keys" >"$include" -chown root:root "$include" -chmod 0644 "$include" - -cakeys="$mnt/etc/ssh/user_ca_keys" -install -m 0600 "$pubkey" "$cakeys" -- cgit v1.2.1 From e00e9f50693913d267cbe3b5f2ebfb4b360d75f6 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sun, 7 Aug 2022 15:54:55 +0300 Subject: chore: update NEWS.md for release Sponsored-by: author --- NEWS.md | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/NEWS.md b/NEWS.md index 39df488..f47f7c0 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,9 +1,39 @@ # Release notes for v-i -This file summarizes changes between releases of v-i, the vmdb2-based -installer of Debian onto bare metal systems. +This file summarizes user-visible changes between releases of v-i, the +vmdb2-based installer of Debian onto bare metal systems. +# Version 0.2, released 2022-08-07 + +## New or changed features + +* New script `configure-installer` allows configuring an installer + image that has been written to a USB drive or other block device. It + replaced the older `set-authorized-key` script. It adds support for + SSH CA and host host certificates for the installer, and accepting + user certificates for logging into the installer. + +* The tutorial is a little improved and will hopefully be possible to + understand even if you don't already know everything. + +* The installer image now boots a little faster: it now uses + `systemd-networkd` instead of `iupdown` to bring up the network, and + the persistent `journald` system log is disabled. + +* The `/etc/v-i-version` file contains information about the version + of the `v-i` repository used to build the installer image. + +## Bug fixes + +* `ping` now works on the installer. + +## Other notable changes + +* The `rootfs.tar.gz` tarball that used to be included in the + installer image is gone. It wasn't useful for anything but building + an installer image. + # Version 0.1, released 2022-03-06 This is the first release of v-i. It may or may not work for you. It -- cgit v1.2.1