cloud.cfg.tmpl should not include "ssh_deletekeys: 0"

Bug #1781094 reported by Doran Moppert on 2018-07-11

Bug Description

It seems that cloud-init inherited from Fedora the inclusion of "ssh_deletekeys: 0" in cloud.cfg.tmpl (commit 41d46bfb85). This is risky in orchestration environments where an instance might be used as a master or template, and cloned from without other tools removing SSH host keys. We believe that line should be removed from cloud.cfg.tmpl to reduce the risk of it being used in such environments.

CVE-2018-10896 has been assigned [1]. On the Fedora bug [2] we are looking into history.
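
The risk described above is easy to state but easy to miss in practice, because the offending line can be overridden (or re-introduced) by any drop-in under cloud.cfg.d, and the symptom only shows up after cloning. The following script is an added example and is not cloud-init's code nor part of this bug report. It does two things: it works out the effective value of ssh_deletekeys across cloud.cfg and its drop-ins, and it looks for SSH host keys shared between several hosts, which is what a template cloned with ssh_deletekeys: 0 produces. It assumes that ssh_deletekeys is a top-level key (as in cloud.cfg.tmpl), that drop-ins are merged in lexical order with later files overriding earlier ones for scalar values, and that cloud-init's default when the key is absent is true; the boolean parsing is an approximation of cloud-init's own, and the sample config and host-key lines are constructed placeholders, not real keys.

```python
"""Audit cloud-init's ssh_deletekeys setting and find cloned SSH host keys.

Added example, not part of cloud-init or of bug #1781094. Assumptions:
  * ssh_deletekeys sits at the top level of the YAML (true in cloud.cfg.tmpl),
    so a simple line match is enough and a full YAML parser is not needed;
  * /etc/cloud/cloud.cfg is read first, then cloud.cfg.d/*.cfg in lexical
    order, and for a scalar key the last file to set it wins;
  * when no file sets the key, cloud-init's default of true applies;
  * the accepted spellings below approximate cloud-init's boolean parsing.
"""
import base64
import hashlib
import re
from collections import defaultdict

FALSEY = {"0", "false", "no", "off"}
TRUEY = {"1", "true", "yes", "on"}

# Top-level key only: an indented occurrence (nested under another key) is
# deliberately not matched, because it would not be the setting cloud-init reads.
_KEY_RE = re.compile(r"^ssh_deletekeys:\s*(\S+)\s*(?:#.*)?$", re.MULTILINE)


def ssh_deletekeys_in(text):
    """Return the last top-level ssh_deletekeys value in one file, or None."""
    last = None
    for m in _KEY_RE.finditer(text):
        last = m.group(1).strip("\"'").lower()
    return last


def effective_ssh_deletekeys(cloud_cfg, dropins):
    """Resolve ssh_deletekeys across cloud.cfg and a {name: text} dict of
    cloud.cfg.d drop-ins. Returns (bool, name_of_file_that_set_it)."""
    value, source = True, "cloud-init default"
    ordered = [("cloud.cfg", cloud_cfg)] + sorted(dropins.items())
    for name, text in ordered:
        raw = ssh_deletekeys_in(text)
        if raw is None:
            continue
        if raw in FALSEY:
            value, source = False, name
        elif raw in TRUEY:
            value, source = True, name
        else:
            raise ValueError(f"{name}: unrecognised ssh_deletekeys value {raw!r}")
    return value, source


def fingerprint(pubkey_line):
    """OpenSSH-style SHA256 fingerprint of a '<type> <base64 blob> ...' line."""
    blob = base64.b64decode(pubkey_line.split()[1])
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def shared_host_keys(host_keys):
    """host_keys: {hostname: host public key line}. Returns
    {fingerprint: [hosts]} for every key present on more than one host,
    i.e. clones that kept the template's host key instead of regenerating."""
    seen = defaultdict(list)
    for host, line in host_keys.items():
        seen[fingerprint(line)].append(host)
    return {fp: sorted(hosts) for fp, hosts in seen.items() if len(hosts) > 1}


# Constructed sample config carrying the line this bug is about.
SAMPLE_CLOUD_CFG = """\
users:
   - default
disable_root: 1
ssh_deletekeys: 0
ssh_pwauth: 0
"""
SAMPLE_DROPINS = {"05-datasource.cfg": "datasource_list: [ NoCloud ]\n"}
# Same drop-ins plus a later one that restores host-key regeneration.
FIXED_DROPINS = dict(SAMPLE_DROPINS, **{"99-delete-hostkeys.cfg": "ssh_deletekeys: true\n"})


def _fake_key(tag):
    # Constructed placeholder blob; a real line carries an SSH wire-format key.
    return "ssh-ed25519 " + base64.b64encode(b"constructed:" + tag).decode() + " root@template"


# Constructed fleet: two web nodes cloned from one template, one distinct db node.
SAMPLE_HOST_KEYS = {
    "web-01": _fake_key(b"template"),
    "web-02": _fake_key(b"template"),
    "db-01": _fake_key(b"unique-db"),
}

if __name__ == "__main__":
    print("as shipped:", effective_ssh_deletekeys(SAMPLE_CLOUD_CFG, SAMPLE_DROPINS))
    print("with fix drop-in:", effective_ssh_deletekeys(SAMPLE_CLOUD_CFG, FIXED_DROPINS))
    for fp, hosts in shared_host_keys(SAMPLE_HOST_KEYS).items():
        print(f"shared host key {fp} on {', '.join(hosts)}")
```

On a real fleet the host-key lines would come from `ssh-keyscan` output or from each instance's /etc/ssh/ssh_host_*_key.pub; any fingerprint reported on more than one host means those hosts cannot be told apart by SSH host authentication and the keys should be regenerated.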



Scott Moser (smoser) wrote :

I'll fix the upstream config/cloud.cfg.tmpl to not include 'ssh_deletekeys: 0'.
Is there anything else expected there?

FWIW, this is from cloud-init commit:

which references that it came from fedora packaging commit

Changed in cloud-init:
importance: Undecided → Medium
status: New → Triaged
Scott Moser (smoser) wrote :
summary: - cloud.cfg.tmp should not include "ssh_deletekeys: 0"
+ cloud.cfg.tmpl should not include "ssh_deletekeys: 0"
Scott Moser (smoser) wrote :

Hi Doran,
I've proposed a merge to fix this at

Please review and test.

This bug is fixed with commit e218c597 to cloud-init on branch master.
To view that commit see the following URL:

Changed in cloud-init:
status: Triaged → Fix Committed

This bug is believed to be fixed in cloud-init in version 18.4. If this is still a problem for you, please make a comment and set the state back to New.

Thank you.

Changed in cloud-init:
status: Fix Committed → Fix Released