slaprunner: doesn't use same key for sshd as resilient, because it can create conflicts

679ffe9d · Nicolas Wavrant · ea41a867 · 679ffe9d · 679ffe9d
Commit 679ffe9d authored Sep 13, 2016 by Nicolas Wavrant
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 3 deletions

software/slaprunner/common.cfg software/slaprunner/common.cfg +1 -1

software/slaprunner/instance-runner.cfg software/slaprunner/instance-runner.cfg +3 -2

No files found.
--- a/software/slaprunner/common.cfg
+++ b/software/slaprunner/common.cfg
@@ -54,7 +54,7 @@ mode = 0644
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-runner.cfg
 output = ${buildout:directory}/template-runner.cfg.in
-md5sum = c82bdb066b61846f159c2d49a21eb7e9
+md5sum = 8833cc43e6ce808b646bd92f67e57d53
 mode = 0644
 [template-runner-import-script]

--- a/software/slaprunner/instance-runner.cfg
+++ b/software/slaprunner/instance-runner.cfg
@@ -211,13 +211,14 @@ ip = $${slap-network-information:global-ipv6}
 recipe = slapos.recipe.template:jinja2
 rendered = $${directory:etc}/runner-sshd.conf
 path_pid = $${directory:run}/runner-sshd.pid
+host_key = $${directory:ssh}/runner_server_key.rsa
 template = inline:
  PidFile $${:path_pid}
  Port $${runner-sshd-port:port}
  ListenAddress $${slap-network-information:global-ipv6}
  Protocol 2
  UsePrivilegeSeparation no
-  HostKey $${directory:ssh}/server_key.rsa
+  HostKey $${:host_key}
  PasswordAuthentication no
  PubkeyAuthentication yes
  AuthorizedKeysFile $${buildout:directory}/.ssh/authorized_keys
@@ -226,7 +227,7 @@ template = inline:
 [runner-sshd-raw-server]
 recipe = slapos.cookbook:wrapper
 host = $${slap-network-information:global-ipv6}
-rsa-keyfile = $${directory:ssh}/server_key.rsa
+rsa-keyfile = $${runner-sshd-config:host_key}
 home = $${directory:ssh}
 command-line = ${openssh:location}/sbin/sshd -D -e -f $${runner-sshd-config:rendered}
 wrapper-path = $${directory:bin}/runner_raw_sshd