On Thu, Feb 09, 2017 at 06:19:54PM +0100, Landry Breuil wrote: > On Sun, Feb 05, 2017 at 08:37:31PM +0000, Stuart Henderson wrote: > > On 2017/02/05 09:53, Robert Peichaer wrote: > > > On Sun, Feb 05, 2017 at 10:46:41AM +0100, Landry Breuil wrote: > > > > Hi, > > > > > > > > when installing 'throwaway' VMs (manually, not always using autoinstall > > > > for > > > > $REASONS) i've often found myself having to do right after the install: > > > > install -d -m 700 /root/.ssh > > > > install -m 600 /dev/null /root/.ssh/authorized_keys > > > > (or touch /root/.ssh/authorized_keys && chmod 600 > > > > /root/.ssh/authorized_keys, ymmv) > > > > > > > > those are present in /etc/skel for "real" users, so why not creating > > > > them for the root account ? install.sub also creates /mnt/root/.ssh when > > > > using autoinstall and giving an ssh pubkey, so that'll be one less step > > > > to do there. > > > > > > > > We advise ppl to set prohibit-password for PermitRootLogin, so why not > > > > make it > > > > easier to use it ? This ways, the correct modes are set.. i often > > > > fat-fingered > > > > this, to see sshd complaining (rightly!) about bad modes on > > > > .ssh/authorized_keys. > > > > > > Conceptually I'd like this going in. > > > > +1. (On "managed" systems I use root-owned authorized_keys in a system > > directory, > > but this doesn't get in the way, and it makes things easier on ad-hoc > > installed > > systems). > > Finally built a release with this, the empty file is created in > /var/sysmerge/etc.tgz, and sysmerge didnt overwrite my own > /root/.ssh/authorized_keys - so i think i can now explicitely ask for okays. > dtucker@ mentioned that in ${INSTALL} -c idiom the -c was a noop, but i kept > it > for consistency. > Hopefully more ppl can chime in and think of potential drawbacks this > diff exposes...
One of the drawbacks i see is that ppl *might* get a security alert from changelist if the (empty) file suddenly appears after an upgrade... but i think we can/should live with that ? Landry