mirror of
https://github.com/nchevsky/systemrescue-zfs.git
synced 2026-04-21 06:03:41 +00:00
a688cf3f8f
Precreating the file and directory makes it easier for the user to add their key since the correct permissions are already set. This does not interfere with using the yaml config to set a key or using the mechanisms described in https://systemd.io/CREDENTIALS/
14 lines
526 B
Text
14 lines
526 B
Text
# create an empty /root/.ssh/authorized_keys file with correct permissions
|
|
# this makes adding a key easier since the correct permissions are already set
|
|
#
|
|
# this builds upon /usr/lib/tmpfiles.d/provision.conf
|
|
# and supports adding entries via https://systemd.io/CREDENTIALS/
|
|
#
|
|
# See tmpfiles.d(5) for details
|
|
#
|
|
|
|
# Provision SSH key for root
|
|
d- /root :0700 root :root -
|
|
d- /root/.ssh :0700 root :root -
|
|
f /root/.ssh/authorized_keys :0600 root :root -
|
|
w+^ /root/.ssh/authorized_keys :0600 root :root - ssh.authorized_keys.root
|