1901187 – OKD 4.6: Disable SSH keys lookup from authorized_keys.d on FCOS

Bug 1901187 - OKD 4.6: Disable SSH keys lookup from authorized_keys.d on FCOS

Summary: OKD 4.6: Disable SSH keys lookup from authorized_keys.d on FCOS

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Machine Config Operator
Sub Component:
Version:	4.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Christian Glombek
QA Contact:	Michael Nguyen
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-11-24 16:47 UTC by Christian Glombek
Modified:	2021-10-27 18:31 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-10-27 18:31:58 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Christian Glombek 2020-11-24 16:47:43 UTC

Description of problem:

On FCOS, SSH key lookup from the /home/core/.ssh/authorized_keys.d/ directory
is currently disabled, which might yield unexpected results or even potential security issues when only /home/core/.ssh/authorized_keys is rotated.

Lookup from /home/core/.ssh/authorized_keys.d/ should be disabled altogether.

On RHCOS this is no an issue, as it already looks up SSH keys from the
authorized_keys file only.

Note You need to log in before you can comment on or make changes to this bug.