Bug #19998
closed
New Feature: SSH keys deployed per user
Description
Hey,
In the release notes for Foreman 1.15 is a new feature listed: SSH keys deployed per user.
I would ask how this feature can be used.
[[https://theforeman.org/manuals/1.15/index.html#Releasenotesfor1.15]]
Updated by Marek Hulán over 7 years ago
- Related to Feature #18476: add ssh public keys to user added
Updated by Marek Hulán over 7 years ago
The feature was demoed on our regular community demos, you can find it at https://www.youtube.com/watch?v=QfANwMzxebE&feature=youtu.be&t=119
@Timo, would you mind covering it in the Foreman manual too? I think it would be beneficial for more users.
Updated by Anonymous over 7 years ago
Ok, i watched the demo and learned that i need to use the provisioning snippet 'create_users' for this.
After provisioning, my public key is on the new host but i have issues with the format of the key in autorized_keys file.
I copied my public key into Foreman as following:
[key type] [key] [comment]
ssh-rsa AAA...== Dimitrij Artes
In the authorized_keys file i see the following:
[key type] [key type] [key] [comment] [comment]
ssh-rsa ssh-rsa AAA...== Dimitrij Artes [username]@[foreman fqdn]
If i copy my key to Foreman without key type i get the error 'Fingerprint could not be generated Length could not be calculated'.
If i let the comment blank i get
ssh-rsa ssh-rsa AAA...== [username]@[foreman fqdn]
The biggest problem is the double key type wich caused failure in the structure of the key in authorized_keys file.
How should i paste my key in Foreman?
Updated by Timo Goebel over 7 years ago
Dimitrij Artes wrote:
Ok, i watched the demo and learned that i need to use the provisioning snippet 'create_users' for this.
The template shipped with 1.15.0 contains a bug. Please see https://github.com/theforeman/community-templates/pull/392 for a fixed version.
Updated by Marek Hulán over 7 years ago
- Tracker changed from Support to Bug
- Translation missing: en.field_release set to 266
We should cherry-pick it to 1.15-stable both in community-repo and Foreman core. Therefore, I'm marking it for 1.15.2. Daniel if you confirm, I'm happy to open both PRs, otherwise please reset the release field.
Updated by Daniel Lobato Garcia over 7 years ago
Sounds good to me, please feel free to put it in community-templates 1.15 for 1.15.2
Updated by Marek Hulán over 7 years ago
- Status changed from New to Ready For Testing
- Assignee set to Marek Hulán
Sorry, community-templates 1.15-stable already contained the fix. Sync PR opened as https://github.com/theforeman/foreman/pull/4591. Since it contains other changes, I'm not linking it to this issue. Moving to ready for testing though as the PR is available.
Updated by Anonymous over 7 years ago
I've applied the fix and it work now. Thanks!
What about the comment? At the moment the key comment is overwritten with user@foreman_fqdn.
Updated by Timo Goebel over 7 years ago
Dimitrij Artes wrote:
I've applied the fix and it work now. Thanks!
What about the comment? At the moment the key comment is overwritten with user@foreman_fqdn.
You could use something like this:
<%- index = 0 -%>
<%- user.ssh_keys.each do |key| -%>
<%- if index == 0 -%>
<%= key %>
<%- else -%>
<%= "#{key} - #{index}" %>
<%- end -%>
<%- index += 1 -%>
<%- end -%>
or more easy:
<%- user.ssh_keys.each do |key| -%> <%= key %> <%- end -%>
Updated by Marek Hulán over 7 years ago
- Status changed from Ready For Testing to Closed
Fixed in 1.15.2 branch by the template sync, see https://github.com/theforeman/foreman/pull/4592 for more details.