Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1901187

Summary: OKD 4.6: Disable SSH keys lookup from authorized_keys.d on FCOS
Product: OpenShift Container Platform Reporter: Christian Glombek <cglombek>
Component: Machine Config OperatorAssignee: Christian Glombek <cglombek>
Machine Config Operator sub component: Machine Config Operator QA Contact: Michael Nguyen <mnguyen>
Status: CLOSED WONTFIX Docs Contact:
Severity: unspecified    
Priority: unspecified CC: aos-bugs, kgarriso, mkrejci
Version: 4.6   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-27 18:31:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Christian Glombek 2020-11-24 16:47:43 UTC 
Description of problem:

On FCOS, SSH key lookup from the /home/core/.ssh/authorized_keys.d/ directory
is currently disabled, which might yield unexpected results or even potential security issues when only /home/core/.ssh/authorized_keys is rotated.

Lookup from /home/core/.ssh/authorized_keys.d/ should be disabled altogether.

On RHCOS this is no an issue, as it already looks up SSH keys from the
authorized_keys file only.