sshutil does not correctly interpret relative paths in sshd_config

Bug #970071 reported by Andy Grimm
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fix Released
Scott Moser
cloud-init (Ubuntu)
Fix Released

Bug Description

From the sshd_config manpage:

After expansion, AuthorizedKeysFile is taken to be an absolute path or one relative to the user's home directory. The default is “.ssh/authorized_keys”.

However, cloud-init currently does not interpret relative paths this way. A possible fix would be:

--- a/cloudinit/ 2012-03-31 09:28:42.598996936 -0400
+++ b/cloudinit/ 2012-03-31 09:40:47.758829938 -0400
@@ -155,6 +155,8 @@
        akeys = ssh_cfg.get("AuthorizedKeysFile", "%h/.ssh/authorized_keys")
        akeys = akeys.replace("%h", pwent.pw_dir)
        akeys = akeys.replace("%u", user)
+ if not akeys.startswith('/'):
+ akeys = os.path.join(pwent.pw_dir, akeys)
        authorized_keys = akeys
    except Exception:
        authorized_keys = '%s/.ssh/authorized_keys' % pwent.pw_dir

Related branches

James Page (james-page)
Changed in cloud-init (Ubuntu):
importance: Undecided → Low
Revision history for this message
Scott Moser (smoser) wrote :

fix-committed in revno 558.

Changed in cloud-init:
assignee: nobody → Scott Moser (smoser)
importance: Undecided → Medium
status: New → Fix Committed
Scott Moser (smoser)
Changed in cloud-init (Ubuntu):
status: New → Triaged
Revision history for this message
Scott Moser (smoser) wrote :

quantal has newer version than trunk at revno 558, so this should be fixed.

Changed in cloud-init (Ubuntu):
status: Triaged → Fix Released
Scott Moser (smoser)
Changed in cloud-init:
status: Fix Committed → Fix Released
Revision history for this message
James Falcon (falcojr) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.