system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-10-02 22:37:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

doc: fix .ssh credential examples

Browse source 
Let's create the .ssh dir with the right perms first.

Suggested by @gcb.

Fixes: #28172
This commit is contained in:
Lennart Poettering 2024-04-17 21:56:41 +02:00 committed by Luca Boccassi
parent 9fede461ca
commit 778abdbfa1
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/CREDENTIALS.md
View file

@ -451,7 +451,7 @@ qemu-system-x86_64 \
-device scsi-hd,drive=hd,bootindex=1 \
-device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=42 \
-smbios type=11,value=io.systemd.credential:vmm.notify_socket=vsock:2:1234 \
-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo "f~ /root/.ssh/authorized_keys 600 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo -e "d /root/.ssh 0750 root root -\nf~ /root/.ssh/authorized_keys 0600 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
```
A process on the host can listen for the notification, for example:

2
man/tmpfiles.d.xml
View file

@ -868,7 +868,7 @@ e! /var/cache/krb5rcache - - - 0
<example>
<title>Provision SSH public key access for root user via Credentials in QEMU</title>
<programlisting>-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo "f~ /root/.ssh/authorized_keys 700 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
<programlisting>-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo -e "d /root/.ssh 0750 root root -\nf~ /root/.ssh/authorized_keys 0600 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0)
</programlisting>
<para>By passing this line to QEMU, the public key of the current user will be encoded in base64, added