Hi Damien, On 5/19/20 7:05 AM, Damien LEFEVRE wrote: > Hi, > > I've put GnuPG in my image, and I'd like to deploy a set to public and > private keys into the system images. > > How can I do that from recipes? > You do this with a shell function that is added to ROOTFS_POSTPROCESS_COMMAND. Here is a script that I use to create SSH keys:
# Image post-processing to configure sshd
# Setup ssh key login for these users
SSH_USERS ??= ""
SSH_DISALLOW_PWAUTH ??= "1"
configure_sshd() {
# disallow password authentication
if [ "${SSH_DIALLOW_PWAUTH}" == "1" ]; then
echo "PasswordAuthentication no" >>
${IMAGE_ROOTFS}/etc/ssh/sshd_config
fi
# keys will be stored tmp/deploy/keys
mkdir -p ${DEPLOY_DIR}/keys
# create the keys for the users
for user in ${SSH_USERS}; do
if [ ! -f ${DEPLOY_DIR}/keys/${user}-sshkey ]; then
/usr/bin/ssh-keygen -t rsa -N '' \
-f ${DEPLOY_DIR}/keys/${user}-sshkey
fi
# add public key to authorized_keys for the user
mkdir -p ${IMAGE_ROOTFS}/home/${user}/.ssh
cat ${DEPLOY_DIR}/keys/${user}-sshkey.pub \
>> ${IMAGE_ROOTFS}/home/${user}/.ssh/authorized_keys
done
}
ROOTFS_POSTPROCESS_COMMAND += "configure_sshd;"
I have this script as an include file that I included into my image recipes.
:rjs
> Thanks,
> -Damien
>
>
--
-----
Rudolf J Streif
CEO/CTO ibeeto
+1.855.442.3386 x700
signature.asc
Description: OpenPGP digital signature
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#49444): https://lists.yoctoproject.org/g/yocto/message/49444 Mute This Topic: https://lists.yoctoproject.org/mt/74325514/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
