gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/ec2-data: skip unrecognized keys in print-host-keys

Browse Source 
The recent move to strip out DSS support from the openssh package
means that older key formats cause the key-printing command to
fail. Rather than causing the entire unit to fail, we should instead
skip those keys - while still letting the error through to the
console - and continue to print other keys the loop may find.
This commit is contained in:
Tyler Langlois
2024-06-24 16:08:59 -06:00
parent 3788993dc9
commit 404fb5ab9c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/virtualisation/ec2-data.nix
View File

@@ -80,7 +80,7 @@ with lib;
# ec2-get-console-output. # ec2-get-console-output.
echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" > /dev/console echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" > /dev/console
for i in /etc/ssh/ssh_host_*_key.pub; do for i in /etc/ssh/ssh_host_*_key.pub; do
${config.programs.ssh.package}/bin/ssh-keygen -l -f $i > /dev/console ${config.programs.ssh.package}/bin/ssh-keygen -l -f $i || true > /dev/console
done done
echo "-----END SSH HOST KEY FINGERPRINTS-----" > /dev/console echo "-----END SSH HOST KEY FINGERPRINTS-----" > /dev/console
''; '';