@@ -120,19 +120,54 @@ sub process_request {
120120 } elsif ($configfileonly ) {
121121 goto CREAT_CONF_FILE;
122122 }
123- unless (-r " /root/.ssh/id_rsa.pub"
123+ # Grab all the standard ssh public keys we can
124+ my @ssh_pub_keys = ();
125+ if (-r " /root/.ssh/id_rsa.pub"
126+ push (@ssh_pub_keys , ' id_rsa.pub'
127+ }
128+ if (-r " /root/.ssh/id_ed25519.pub"
129+ push (@ssh_pub_keys , ' id_ed25519.pub'
130+ }
131+ if (-r " /root/.ssh/id_ecdsa.pub"
132+ push (@ssh_pub_keys , ' id_ecdsa.pub'
133+ }
134+ if (scalar @ssh_pub_keys == 0) {
135+ # We have no public keys.
136+ # See if we have any private keys we can extract pubkeys from
124137 if (-r " /root/.ssh/id_rsa"
125- $callback -> ({ data => [" Extracting ssh public key from private key"
138+ $callback -> ({ data => [" Extracting rsa ssh public key from private key"
126139 my $rc = system (' ssh-keygen -y -f /root/.ssh/id_rsa > /root/.ssh/id_rsa.pub'
127140 if ($rc ) {
128- $callback -> ({ error => [" Failure executing ssh-keygen for root" errorcode => [1] });
141+ $callback -> ({ error => [" Failure executing ssh-keygen for root when extracting rsa ssh public key from private key" errorcode => [1] });
142+ } else {
143+ push (@ssh_pub_keys , ' id_rsa.pub'
129144 }
130- } else {
131- $callback -> ({ data => [" Generating ssh private key for root "
132- my $rc = system (' ssh-keygen -t rsa -q -b 2048 -N "" -f /root/.ssh/id_rsa '
145+ } elsif ( -r " /root/.ssh/id_ed25519 " ) {
146+ $callback -> ({ data => [" Extracting ed25519 ssh public key from private key "
147+ my $rc = system (' ssh-keygen -y -f /root/.ssh/id_ed25519 > /root/.ssh/id_ed25519.pub '
133148 if ($rc ) {
134- $callback -> ({ error => [" Failure executing ssh-keygen for root" errorcode => [1] });
149+ $callback -> ({ error => [" Failure executing ssh-keygen for root when extracting ed25519 ssh public key from private key" errorcode => [1] });
150+ } else {
151+ push (@ssh_pub_keys , ' id_ed25519.pub'
135152 }
153+ } elsif (-r " /root/.ssh/id_ecdsa"
154+ $callback -> ({ data => [" Extracting ecdsa ssh public key from private key"
155+ my $rc = system (' ssh-keygen -y -f /root/.ssh/id_ecdsa > /root/.ssh/id_ecdsa.pub'
156+ if ($rc ) {
157+ $callback -> ({ error => [" Failure executing ssh-keygen for root when extracting ecdsa ssh public key from private key" errorcode => [1] });
158+ } else {
159+ push (@ssh_pub_keys , ' id_ecdsa.pub'
160+ }
161+ }
162+ }
163+ if (scalar @ssh_pub_keys == 0) {
164+ # Looks like we didn't have any private keys either, so generate one
165+ $callback -> ({ data => [" Generating rsa ssh private key for root"
166+ my $rc = system (' ssh-keygen -t rsa -q -b 2048 -N "" -f /root/.ssh/id_rsa'
167+ if ($rc ) {
168+ $callback -> ({ error => [" Failure executing ssh-keygen for root when generating rsa ssh private key" errorcode => [1] });
169+ } else {
170+ push (@ssh_pub_keys , ' id_rsa.pub'
136171 }
137172 }
138173 my $tempdir = tempdir(" mknb.$$ .XXXXXX" TMPDIR => 1);
@@ -169,7 +204,15 @@ sub process_request {
169204 }
170205 mkpath($tempdir . " $sshdir "
171206 chmod (0700, $tempdir . " $sshdir "
172- copy(" /root/.ssh/id_rsa.pub" " $tempdir$sshdir /authorized_keys"
207+ open (my $authkeys_fh , ' >:raw' " $tempdir$sshdir /authorized_keys"
208+ foreach my $keyfile (@ssh_pub_keys ) {
209+ open (my $pubkey_fh , ' <:raw' " /root/.ssh/$keyfile "
210+ while (my $line = <$pubkey_fh >) {
211+ print ($authkeys_fh $line );
212+ }
213+ close ($pubkey_fh );
214+ }
215+ close ($authkeys_fh );
173216 chmod (0600, " $tempdir$sshdir /authorized_keys"
174217 if (not $invisibletouch and -r " /etc/xcat/hostkeys/ssh_host_rsa_key"
175218 copy(" /etc/xcat/hostkeys/ssh_host_rsa_key" " $tempdir /etc/ssh_host_rsa_key"
0 commit comments