I've amended the original example to use "cat" instead of "cut" as it
looks like the specific number of fields in the key may vary for some
older formats (rsa1) and it removes the objection that I invented
anything.  I had been hoping to exclude the comment field, but agree
it's not worth the effort/risk.

The man page for sshd(8) documents the format for
/etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts in the "SSH_KNOWN_HOSTS
FILE FORMAT" section.  It includes the paragraphs:

    Bits, exponent, and modulus are taken directly from the RSA host key;
    they can be obtained, for example, from /etc/ssh/ssh_host_key.pub.  The
    optional comment field continues to the end of the line, and is not used.

and::

    [generate lines in known_hosts] by a script, ssh-keyscan(1) or by taking
    /etc/ssh/ssh_host_key.pub and adding the host names at the front.

I suppose you could copy the information out of these files using
ssh-keygen, but it converts the key to a different format.

I lean towards copying the public key file directly because:

 - It's easier to find and manipulate single lines in the console
   output, instead of the multi-line output of ssh-keygen.

 - The public key file contains exactly the format that we will drop
   into known_hosts, instead of having to convert the output of ssh-keygen
   back into something usable. (I'm not even sure what tool you use to do
   that, though on experimentation it looks like it's a process of cutting
   out headers, reassembling lines and adding the appropriate keytype
   string.)

-- 
https://bugs.launchpad.net/bugs/893400

Title:
  cloud-init: Output machine usable public ssh host key (for
  known_hosts)
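
The approach described in the comment above, as an added example that is not part of the original message or of cloud-init: pick the single-line public keys out of console text and put the host names in front, as the quoted sshd(8) text describes. The function names, host names and console excerpt are assumptions, and the key blobs are constructed placeholders.

```shell
#!/bin/sh
# Added example (not cloud-init code): build known_hosts entries from host
# public key lines found in console output, by putting host names in front.

# is_pubkey_line LINE: succeed if LINE has the public key file layout
#   protocol 2:  keytype base64-blob [comment]
#   rsa1:        bits exponent modulus [comment]
is_pubkey_line() {
    set -f; set -- $1; set +f      # split into fields without globbing
    [ "$#" -ge 2 ] || return 1
    case "$1" in
        ssh-*|ecdsa-*)
            # A blob starts with a 32-bit length (high bytes zero): "AAAA".
            case "$2" in
                *[!A-Za-z0-9+/=]*) return 1 ;;
                AAAA*) return 0 ;;
            esac
            return 1 ;;
        *[!0-9]*) return 1 ;;      # neither a key type nor a bit count
    esac
    # rsa1: exponent and modulus must also be decimal numbers
    [ "$#" -ge 3 ] || return 1
    case "$2$3" in *[!0-9]*) return 1 ;; esac
    return 0
}

# known_hosts_entries HOSTS: read console text on stdin and print one
# "HOSTS key-line" entry per key line. HOSTS is a comma-separated name list.
known_hosts_entries() {
    case "$1" in ''|*' '*) return 2 ;; esac
    while IFS= read -r line; do
        if is_pubkey_line "$line"; then printf '%s %s\n' "$1" "$line"; fi
    done
    return 0
}

# Constructed console excerpt; the key blobs are placeholders, not real keys.
sample_console() {
    cat <<'EOF'
ssh-keygen: generating new host keys: RSA ECDSA
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCONSTRUCTEDSAMPLE root@ip-10-0-0-5
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYCONSTRUCTED= root@ip-10-0-0-5
cloud-init boot finished
EOF
}

sample_console | known_hosts_entries "server1.example.com,10.0.0.5"
```

The key line is copied through unchanged, comment field included, so the fields that reach known_hosts are the ones the instance printed.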