Commit 6e6fc44f authored by John-Paul Robinson's avatar John-Paul Robinson
Browse files

Improve ssh key config

Move insert_key directive before VM create to avoid custom key create
Add comments motivating the config choices for ssh config steps
Expand user key authz logic to append key rather than just replace all
existing keys in vagrant user authorized_keys file.
parent 1948f186
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
Vagrant.configure("2") do |config| Vagrant.configure("2") do |config|
# don't configure host-specific keys, config will use the user's key
config.ssh.insert_key = false
config.vm.define "ohpc" do |ohpc| config.vm.define "ohpc" do |ohpc|
ohpc.vm.box = "ravi89/centos7.5" ohpc.vm.box = "ravi89/centos7.5"
ohpc.vm.box_version = "1" ohpc.vm.box_version = "1"
...@@ -27,9 +30,17 @@ Vagrant.configure("2") do |config| ...@@ -27,9 +30,17 @@ Vagrant.configure("2") do |config|
vb.memory = "2048" vb.memory = "2048"
end end
config.ssh.insert_key = false # define user's key and insecure default
# insecure default is required for initial provisioning
config.ssh.private_key_path = ["~/.ssh/id_rsa", "~/.vagrant.d/insecure_private_key"] config.ssh.private_key_path = ["~/.ssh/id_rsa", "~/.vagrant.d/insecure_private_key"]
config.vm.provision "file", source: "~/.ssh/id_rsa.pub", destination: "~/.ssh/authorized_keys" # append user's key to vagrant config to avoid overwrite of existing authorized_keys
# https://stackoverflow.com/a/31153912/8928529
config.vm.provision "ssh_pub_key", type: "shell" do |s|
ssh_pub_key = File.readlines("#{Dir.home}/.ssh/id_rsa.pub").first.strip
s.inline = <<-SHELL
echo #{ssh_pub_key} >> /home/vagrant/.ssh/authorized_keys
SHELL
end
config.vm.provision "shell", inline: <<-SHELL config.vm.provision "shell", inline: <<-SHELL
if [ -f /vagrant/localenv.sh ]; then if [ -f /vagrant/localenv.sh ]; then
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment