From 2622595344f574ef5da738dfbb183768c0661e51 Mon Sep 17 00:00:00 2001 From: "Joshua M. Boniface" Date: Fri, 1 Sep 2023 15:41:57 -0400 Subject: [PATCH] Add workaround if keys fail to fetch --- templates/install.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/templates/install.sh b/templates/install.sh index 5bcdd5b..f71497c 100755 --- a/templates/install.sh +++ b/templates/install.sh @@ -786,10 +786,10 @@ chroot ${target} mkdir -p /var/home/${target_deploy_user}/.ssh if [[ -n ${target_keys_path} ]]; then case ${target_keys_method} in wget) - wget -O ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys ${target_keys_path} + wget -O ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys ${target_keys_path} || failed_keys="y" ;; tftp) - tftp -m binary "${seed_host}" -c get "${target_keys_path}" ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys + tftp -m binary "${seed_host}" -c get "${target_keys_path}" ${target}/var/home/${target_deploy_user}/.ssh/authorized_keys || failed_keys="y" ;; esac chroot ${target} chmod 0600 /var/home/${target_deploy_user}/.ssh/authorized_keys @@ -798,6 +798,12 @@ else echo "${target_deploy_user}:${target_password}" | chroot ${target} chpasswd >&2 fi echo "done." +if [[ -n ${failed_keys} ]]; then + target_password="$( pwgen -s 8 1 )" + echo "WARNING: Failed to fetch keys; target deploy user SSH keyauth will fail." + echo "Setting temporary random password '${temp_password}' instead." + echo "${target_deploy_user}:${target_password}" | chroot ${target} chpasswd >&2 +fi echo -n "Setting NOPASSWD for sudo group... " sed -i 's/^%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD: ALL/' ${target}/etc/sudoers