GCE data source should disregard expired SSH keys

Bug #1707039 reported by Dan Watkins on 2017-07-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
cloud-init
Medium
Max Illfelder
cloud-init (Ubuntu)
Medium
Max Illfelder

Bug Description

GCE supports the expiration of SSH keys. It does so by including the expiry time in a JSON blob in the comment section of the SSH key. As per [0], the format is:

ssh-rsa [KEY_VALUE] google-ssh {"userName":"[USERNAME]","expireOn":"[EXPIRE_TIME]"}

Keys can remain in metadata after expiry, so cloud-init should know how to filter them out itself.

[0] https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys

Related branches

Chad Smith (chad.smith) on 2018-01-23
Changed in cloud-init:
status: New → Fix Committed
Changed in cloud-init (Ubuntu):
status: New → Fix Committed
status: Fix Committed → New
Changed in cloud-init:
status: Fix Committed → New
Changed in cloud-init (Ubuntu):
status: New → Fix Committed
assignee: nobody → Max Illfelder (illfelder)
Changed in cloud-init:
status: New → Fix Committed
assignee: nobody → Max Illfelder (illfelder)
Scott Moser (smoser) on 2018-01-24
Changed in cloud-init:
importance: Undecided → Medium
Changed in cloud-init (Ubuntu):
importance: Undecided → Medium
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cloud-init - 17.2-20-g32a6a176-0ubuntu1

---------------
cloud-init (17.2-20-g32a6a176-0ubuntu1) bionic; urgency=medium

  * New upstream snapshot.
    - tests: Fix EC2 Platform to return console output as bytes.
    - tests: Fix attempted use of /run in a test case.
    - GCE: Improvements and changes to ssh key behavior for default user.
      [Max Illfelder] (LP: #1670456, #1707033, #1707037, #1707039)
    - subp: make ProcessExecutionError have expected types in stderr, stdout.
    - tests: when querying ntp server, do not do dns resolution.
    - Recognize uppercase vfat disk labels [James Penick] (LP: #1598783)
    - tests: remove zesty as supported OS to test

 -- Chad Smith <email address hidden> Tue, 23 Jan 2018 20:10:44 -0700

Changed in cloud-init (Ubuntu):
status: Fix Committed → Fix Released

This bug is believed to be fixed in cloud-init in 18.1. If this is still a problem for you, please make a comment and set the state back to New

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers