Upon further thought and conversation, we've realised that this represents a security issue. If the following user-data is specified (note that the bootcmd is used to modify SSH's configuration to match the reported one; this happens before SSH starts, and before cloud-init performs any SSH modification and so allows for testing this bug without mastering a new image):
and the SSH key specified for `test_user` is different to the default SSH key provided for the system, then /etc/ssh/authorized_keys will end up with this content:
```
ssh-rsa <test_user's key material>
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"NONE\" rather than the user \"root\".';echo;sleep 10;exit 142" ssh-rsa <default key's material>
```
and SSHing to the system as root using test_user's key will succeed.
(It has to be as root because cloud-init modifies /etc/ssh and /etc/ssh/authorized_keys to only be accessible/readable by root, and sshd uses the connecting user's permissions to read their authorized keys. But sshd will accept the key for _any_ user that can read /etc/ssh/authorized_keys.)
Upon further thought and conversation, we've realised that this represents a security issue. If the following user-data is specified (note that the bootcmd is used to modify SSH's configuration to match the reported one; this happens before SSH starts, and before cloud-init performs any SSH modification and so allows for testing this bug without mastering a new image):
``` eysFile. *,AuthorizedKey sFile /etc/ssh/ authorized_ keys," /etc/ssh/ sshd_configuser s: d_keys:
#cloud-config
bootcmd:
- sed -i "s,#AuthorizedK
- name: test_user
ssh_authorize
- ssh-rsa <redacted key material>
```
and the SSH key specified for `test_user` is different to the default SSH key provided for the system, then /etc/ssh/ authorized_ keys will end up with this content:
``` forwarding, no-agent- forwarding, no-X11- forwarding, command= "echo 'Please login as the user \"NONE\" rather than the user \"root\ ".';echo; sleep 10;exit 142" ssh-rsa <default key's material>
ssh-rsa <test_user's key material>
no-port-
```
and SSHing to the system as root using test_user's key will succeed.
(It has to be as root because cloud-init modifies /etc/ssh and /etc/ssh/ authorized_ keys to only be accessible/readable by root, and sshd uses the connecting user's permissions to read their authorized keys. But sshd will accept the key for _any_ user that can read /etc/ssh/ authorized_ keys.)