Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(rsyncd) allow specifying path to existing host keys through configuration.sshd.persistentHostKeys #1452

Merged
merged 2 commits into from
Nov 28, 2024
Merged

feat(rsyncd) allow specifying path to existing host keys through configuration.sshd.persistentHostKeys #1452

merged 2 commits into from
Nov 28, 2024

Conversation

dduportal
Copy link
Contributor

@dduportal dduportal commented Nov 27, 2024
edited
Loading

Related to jenkins-infra/helpdesk#4402 (comment)

Each time the rsyncd (with sshd enabled) restarts on a new node, it regenerates the SSHD host keys which fails any new connections.

This PR updates the chart (and entrypoint - ref. jenkins-infra/docker-rsyncd#29) to allow specifying a directory in which to get existing SSH host keys at restart through the configuration.sshd.persistentHostKeys value.

Tested locally on k3s by using a component's specified PVC with a subdir:

  • Installed the chart one time without the persistence key enabled
  • Copied the generated keys in the PVC's subdir
  • Ran one time a rsync command: it asked the usual "yes/no" question about host fingerprint. Accepted tyo have my known_host up to date.
  • Uninstall the chart (except the PVC)
  • Re-install with configuration.sshd.persistentHostKeys specified to the PVC's subdir
  • Ran a second time the rsync command: no host fingerprint change detected!

@dduportal
feat(rsyncd) allow specifying path to existing host keys through 'con…
e5f23b0 
…figuration.sshd.persistentHostKeys'

Signed-off-by: Damien Duportal <[email protected]>
@dduportal
fixup: unit tests
ea0676c 
Signed-off-by: Damien Duportal <[email protected]>
@dduportal dduportal force-pushed the feat/rsyncd/constant-ssh-hostkeys branch from 83e0b30 to ea0676c Compare November 28, 2024 06:31
@dduportal dduportal added enhancement New feature or request rsyncd labels Nov 28, 2024
@dduportal dduportal marked this pull request as ready for review November 28, 2024 06:44
@dduportal dduportal merged commit 1fccb9e into jenkins-infra:main Nov 28, 2024
3 checks passed
@dduportal dduportal deleted the feat/rsyncd/constant-ssh-hostkeys branch November 28, 2024 06:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request rsyncd
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dduportal