gaoruoshu/cloud-init

forked from src-openEuler/cloud-init 
backport-Fix-permission-of-SSH-host-keys-1971.patch 2.31 KB
桐小哥 committed on 2023-03-14 14:49: Fix permission of SSH host keys
From 94a00492b11995dd9278605eb29ee4b096ce3a90 Mon Sep 17 00:00:00 2001
From: Ron Gebauer <Mazorius@users.noreply.github.com>
Date: Wed, 25 Jan 2023 22:40:32 +0100
Subject: [PATCH] Fix permission of SSH host keys (#1971)
If the host-keys are provided the private key permissions have 0600
which is indeed correct. But the public key has 0600 which should
instead be 0644.
With this change the public key is always 0644 and the private key
is 0600 if provided or 640 if generated (to match sshd-keygen
functionality).
---
cloudinit/config/cc_ssh.py | 4 ++--
tests/unittests/config/test_cc_ssh.py | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/cloudinit/config/cc_ssh.py b/cloudinit/config/cc_ssh.py
index 33c1fd0..6210627 100644
--- a/cloudinit/config/cc_ssh.py
+++ b/cloudinit/config/cc_ssh.py
@@ -185,8 +185,8 @@ for k in GENERATE_KEY_NAMES:
CONFIG_KEY_TO_FILE.update(
{
f"{k}_private": (KEY_FILE_TPL % k, 0o600),
- f"{k}_public": (f"{KEY_FILE_TPL % k}.pub", 0o600),
- f"{k}_certificate": (f"{KEY_FILE_TPL % k}-cert.pub", 0o600),
+ f"{k}_public": (f"{KEY_FILE_TPL % k}.pub", 0o644),
+ f"{k}_certificate": (f"{KEY_FILE_TPL % k}-cert.pub", 0o644),
}
)
PRIV_TO_PUB[f"{k}_private"] = f"{k}_public"
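Review bot: The `{k}_certificate` entry is relaxed from 0o600 to 0o644 alongside `{k}_public`, but the commit message only mentions the public key; please name the certificate file in the message, or in a short comment above `CONFIG_KEY_TO_FILE.update`, so the wider scope is documented as intentional. The message also says generated private keys end up 640, yet `{k}_private` stays at 0o600 in this map and no other line of the patch touches a generated-key path, so that sentence describes behaviour this change does not set; it would help to say so explicitly.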
diff --git a/tests/unittests/config/test_cc_ssh.py b/tests/unittests/config/test_cc_ssh.py
index 47c0c77..c41a50b 100644
--- a/tests/unittests/config/test_cc_ssh.py
+++ b/tests/unittests/config/test_cc_ssh.py
@@ -311,17 +311,17 @@ class TestHandleSsh:
mock.call(
"/etc/ssh/ssh_host_{}_key".format(key_type),
private_value,
- 384,
+ 0o600,
),
mock.call(
"/etc/ssh/ssh_host_{}_key.pub".format(key_type),
public_value,
- 384,
+ 0o644,
),
mock.call(
"/etc/ssh/ssh_host_{}_key-cert.pub".format(key_type),
cert_value,
- 384,
+ 0o644,
),
mock.call(
"/etc/ssh/sshd_config",
--
2.39.1