ssh public key fingerprint not available on console in UEC environement

Bug #451881 reported by Mathias Gug on 2009-10-15
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ec2-init (Ubuntu)
High
Scott Moser
Karmic
High
Scott Moser

Bug Description

Binary package hint: ec2-init

While booting of the uec image on UEC, the fingerprint of the ssh key is not printed to the console and doesn't show up in the euca-get-console-output.

Mathias Gug (mathiaz) on 2009-10-15
tags: added: uec-images
Mathias Gug (mathiaz) wrote :

I've attached a console output.

summary: - ssh public key fingerprint not available on console
+ ssh public key fingerprint not available on console in UEC environement
Changed in ec2-init (Ubuntu):
status: New → Triaged
importance: Undecided → High
milestone: none → ubuntu-9.10
Thierry Carrez (ttx) on 2009-10-19
Changed in ec2-init (Ubuntu Karmic):
assignee: nobody → Scott Moser (smoser)
milestone: ubuntu-9.10 → none
Thierry Carrez (ttx) wrote :

Per 20091020 meeting decision

Changed in ec2-init (Ubuntu Karmic):
status: Triaged → Won't Fix
Scott Moser (smoser) on 2009-10-21
tags: added: ec2-images
Scott Moser (smoser) wrote :

This is actually a regression since beta. At first I thought it was only a problem with UEC, and not as significant a problem. However, it is also present on ec2. The change that caused it was removal of 'console output' from /etc/init/rc.conf (in upstart).

We were previously relying on output of init scripts going to /dev/console.

Changed in ec2-init (Ubuntu Karmic):
milestone: none → ubuntu-9.10
status: Won't Fix → In Progress
Scott Moser (smoser) wrote :

just recording this option:
$ cat /etc/rsyslog.d/48-logger.conf
# logger by default writes user.notice. get those to /dev/console
user.=notice /dev/console

That would send all 'logger' messages to /dev/console.

Its not completely sufficent here though as we cannot be sure that rsyslog is running when ec2-init runs. In all likelyhood it is, but we absolutely want ssh key to console.

Scott Moser (smoser) wrote :

I've tested the patch at http://bazaar.launchpad.net/~smoser/+junk/ec2-init.karmic/revision/34 (also attached) on ec2 and uec.

Changed in ec2-init (Ubuntu Karmic):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ec2-init - 0.4.999-0ubuntu5

---------------
ec2-init (0.4.999-0ubuntu5) karmic; urgency=low

  * write regenerate_ssh_host_keys output directly to /dev/console
    to ensure that it gets there. (LP: #451881)

 -- Scott Moser <email address hidden> Wed, 21 Oct 2009 17:23:38 -0400

Changed in ec2-init (Ubuntu Karmic):
status: Fix Committed → Fix Released
Scott Moser (smoser) wrote :

verified fixed in ami-9733d0fe (ubuntu-images-testing-us/ubuntu-karmic-daily-i386-server-20091022.manifest.xml)

$ euca-describe-instances i-a815acc0
RESERVATION r-6850a500 950047163771 default
INSTANCE i-a815acc0 ami-9733d0fe ec2-67-202-0-187.compute-1.amazonaws.com ip-10-242-57-145.ec2.internal running ec2-keypair 0 m1.small 2009-10-22T04:16:27.000Z us-east-1c aki-f9c52690 ari-9b33d0f2

$ euca-get-console-output i-a815acc0 | sed -n '/^###/,/^###/p'
#############################################################
-----BEGIN SSH HOST KEY FINGERPRINTS-----
2048 f6:4b:d4:67:90:55:61:a9:f7:cf:da:3d:1e:6f:28:05 /etc/ssh/ssh_host_rsa_key.pub (RSA)
1024 6a:8c:31:22:b4:b1:45:4a:8e:68:08:81:6d:de:68:c4 /etc/ssh/ssh_host_dsa_key.pub (DSA)
-----END SSH HOST KEY FINGERPRINTS-----
#############################################################

I've also verified that this is fixed in UEC images of 20091022.

Chuck Short (zulcss) wrote :

I also have verified this in the rc release:

#############################################################
-----BEGIN SSH HOST KEY FINGERPRINTS-----
2048 45:e2:fa:90:d9:90:08:ab:a4:36:31:dd:ae:b4:a2:c8 /etc/ssh/ssh_host_rsa_key.pub (RSA)
1024 2f:80:1e:a4:f4:5e:05:65:54:99:24:a4:1d:dc:2f:64 /etc/ssh/ssh_host_dsa_key.pub (DSA)
-----END SSH HOST KEY FINGERPRINTS-----
#############################################################

Chuck

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers