[SRU] support SSH key value over fingerprint for Azure

Bug #1506244 reported by Ben Howard on 2015-10-14
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init
Undecided
Unassigned
cloud-init (Ubuntu)
Medium
Unassigned
Precise
Medium
Unassigned
Trusty
Medium
Unassigned
Vivid
Medium
Unassigned
Wily
Medium
Unassigned
Xenial
Medium
Unassigned

Bug Description

SRU JUSTIFICATION

[BACKGROUND] Azure's meta-data source now supports the use of SSH key values in addition to fingerprints.

[IMPACT] Instances booted with out cloud-init support for SSH public key values will be inaccessable on boot via SSH.

[FIX] Backport of 15.10 SSH public key support. Starting with 15.10, cloud-init supports both values (preferred) or generating the SSH public key from a fingerprint.

[TEST CASE]
- Update cloud-init from proposed
- Capture instance
- Create instance using SSH fingerprint, confirm instance is accessible via SSH.
- Create instance using SSH public key value, confirm instance is accessible via SSH.
- Create instance using both SSH fingerprint and a different SSH public key value. Confirm that the instance is accessible via SSH only with SSH public key value (i.e. the fingerprint is ignored).

[ORIGINAL REPORT]
Azure is changing the ovf-env.xml file. Instead of passing a fingerprint to the key and obtaining it separately, the SSH public key itself is passed via a new "<Value>" parameters:

        <SSH>
          <PublicKeys>
            <PublicKey>
              <Fingerprint>EB0C0AB4B2D5FC35F2F0658D19F44C8283E2DD62</Fingerprint>
              <Path>$HOME/UserName/.ssh/authorized_keys</Path>
              <Value>ssh-rsa AAAANOTAREALKEY== <email address hidden></Value>
            </PublicKey>
          </PublicKeys>

Related branches

Changed in cloud-init:
assignee: nobody → Ben Howard (utlemming)
summary: - support SSH key value over fingerprint for Azure
+ [SRU] support SSH key value over fingerprint for Azure
description: updated
Changed in cloud-init:
status: New → Fix Released
Changed in cloud-init (Ubuntu):
status: New → In Progress
Changed in cloud-init (Ubuntu Precise):
status: New → In Progress
Changed in cloud-init (Ubuntu Trusty):
status: New → In Progress
Changed in cloud-init (Ubuntu Vivid):
status: New → In Progress
Changed in cloud-init (Ubuntu Wily):
status: New → Fix Released
Changed in cloud-init (Ubuntu Xenial):
status: In Progress → Fix Released
assignee: nobody → Ben Howard (utlemming)
Changed in cloud-init (Ubuntu Wily):
assignee: nobody → Ben Howard (utlemming)
Changed in cloud-init (Ubuntu Vivid):
assignee: nobody → Ben Howard (utlemming)
Changed in cloud-init (Ubuntu Trusty):
assignee: nobody → Ben Howard (utlemming)
Changed in cloud-init (Ubuntu Precise):
assignee: nobody → Ben Howard (utlemming)

Backported changes and uploaded; pending acceptance into -proposed.

Hello Ben, or anyone else affected,

Accepted cloud-init into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/0.7.5-0ubuntu1.15 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cloud-init (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
Changed in cloud-init (Ubuntu Vivid):
status: In Progress → Fix Committed
Chris J Arges (arges) wrote :

Hello Ben, or anyone else affected,

Accepted cloud-init into vivid-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/0.7.7~bzr1091-0ubuntu12 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Chris J Arges (arges) wrote :

Hello Ben, or anyone else affected,

Accepted cloud-init into precise-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/cloud-init/0.6.3-0ubuntu1.24 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in cloud-init (Ubuntu Precise):
status: In Progress → Fix Committed
Changed in cloud-init (Ubuntu Precise):
importance: Undecided → Medium
Changed in cloud-init (Ubuntu Trusty):
importance: Undecided → Medium
Changed in cloud-init (Ubuntu Vivid):
importance: Undecided → Medium
Changed in cloud-init (Ubuntu Wily):
importance: Undecided → Critical
importance: Critical → Medium
Changed in cloud-init (Ubuntu Xenial):
importance: Undecided → Medium

Verified.

tags: added: verification-done
removed: verification-needed

Verified.

The verification of the Stable Release Update for cloud-init has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 0.7.5-0ubuntu1.15

---------------
cloud-init (0.7.5-0ubuntu1.15) trusty; urgency=medium

  * Microsoft Azure:
    - d/patches/lp-1506244-azure-ssh-key-values.patch: AZURE: Add support
      and preference for fabric provided public SSH public key values over
      fingerprints (LP: #1506244).
    - use stable VM instance ID over SharedConfig.xml (LP: #1506187):
      - d/patches/lp-1506187-azure_use_unique_vm_id.patch: use DMI data for
        the stable VM instance ID
      - d/cloud-init.preinst: migrate existing instances to stable VM instance
        ID on upgrade from prior versions of cloud-init.

 -- Ben Howard <email address hidden> Tue, 17 Nov 2015 10:02:24 -0700

Changed in cloud-init (Ubuntu Trusty):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 0.7.7~bzr1091-0ubuntu12

---------------
cloud-init (0.7.7~bzr1091-0ubuntu12) vivid; urgency=medium

  * d/patches/lp-1506244-azure-ssh-key-values.patch: AZURE: Add support
    and preference for fabric provided public SSH public key values over
    fingerprints (LP: #1506244).

 -- Ben Howard <email address hidden> Tue, 17 Nov 2015 10:02:41 -0700

Changed in cloud-init (Ubuntu Vivid):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 0.6.3-0ubuntu1.24

---------------
cloud-init (0.6.3-0ubuntu1.24) precise; urgency=medium

  * d/patches/lp-1506244-azure-ssh-key-values.patch: AZURE: Add support
    and preference for fabric provided public SSH public key values over
    fingerprints (LP: #1506244).

 -- Ben Howard <email address hidden> Tue, 17 Nov 2015 10:02:08 -0700

Changed in cloud-init (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers