diff options
author | Alberto Contreras <alberto.contreras@canonical.com> | 2023-02-16 15:39:32 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-16 08:39:32 -0600 |
commit | e4f56efce3e04e128c065ae15762b7ef5c02bcc9 (patch) | |
tree | 419c9a719a67030efbc86e5df5c52ef0a164a12a /cloudinit/config | |
parent | bf06b3e6f16f9c3bf3a662d1a9f440dffc989fce (diff) | |
download | cloud-init-git-e4f56efce3e04e128c065ae15762b7ef5c02bcc9.tar.gz |
cc_ssh: support multiple hostcertificates (#2018)
LP: #1999164
Diffstat (limited to 'cloudinit/config')
-rw-r--r-- | cloudinit/config/cc_ssh.py | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/cloudinit/config/cc_ssh.py b/cloudinit/config/cc_ssh.py index c01dd48c..1ec889f3 100644 --- a/cloudinit/config/cc_ssh.py +++ b/cloudinit/config/cc_ssh.py @@ -211,6 +211,7 @@ def handle( if "ssh_keys" in cfg: # if there are keys and/or certificates in cloud-config, use them + cert_config = [] for (key, val) in cfg["ssh_keys"].items(): if key not in CONFIG_KEY_TO_FILE: if pattern_unsupported_config_keys.match(key): @@ -224,8 +225,10 @@ def handle( util.write_file(tgt_fn, val, tgt_perms) # set server to present the most recently identified certificate if "_certificate" in key: - cert_config = {"HostCertificate": tgt_fn} - ssh_util.update_ssh_config(cert_config) + cert_config.append(("HostCertificate", str(tgt_fn))) + + if cert_config: + ssh_util.append_ssh_config(cert_config) for private_type, public_type in PRIV_TO_PUB.items(): if ( |