܍~c UdZddlZddlmZddlmZddlmZmZddl m Z ddl m Z ddl mZmZdd lmZd Zd gZd d ddeedededgegdZeed<eeZdZdede de dededdf dZdS)zFKeys to Console: Control which SSH host keys may be written to consoleN)Logger)dedent)subputil)Cloud)Config) MetaSchema get_meta_doc) PER_INSTANCEz(%s/cloud-init/write-ssh-key-fingerprintsallcc_keys_to_consolezKeys to Consolez5Control which SSH host keys may be written to consoleasFor security reasons it may be desirable not to write SSH host keys and their fingerprints to the console. To avoid either being written to the console the ``emit_keys_to_console`` config key under the main ``ssh`` config key can be used. To avoid the fingerprint of types of SSH host keys being written to console the ``ssh_fp_console_blacklist`` config key can be used. By default, all types of keys will have their fingerprints written to console. To avoid host keys of a key type being written to console the``ssh_key_console_blacklist`` config key can be used. By default, ``ssh-dss`` host keys are not written to console.z # Do not print any SSH keys to system console ssh: emit_keys_to_console: false z~ # Do not print certain ssh key types to console ssh_key_console_blacklist: [dsa, ssh-dss] z # Do not print specific ssh key fingerprints to console ssh_fp_console_blacklist: - E25451E0221B5773DEBFF178ECDACB160995AA89 - FE76292D55E8B28EE6DB2B34B2D8A784F8C0AAB0 )idnametitle descriptiondistrosexamples frequencyactivate_by_schema_keysmetacL |j}n#t$rd}YnwxYwt|zS)Nz/usr/lib) usr_lib_execAttributeErrorHELPER_TOOL_TPL)distrobase_libs E/usr/lib/python3/dist-packages/cloudinit/config/cc_keys_to_console.py_get_helper_tool_pathrHs@&  X %%s  rcfgcloudlogargsreturnctj|diddr|d|dSt |j}t j|s| d||dStj |dg}tj |ddg} |d |d |g}tj |\} } tj d | zd d dS#t$r| d wxYw)Nsshemit_keys_to_consoleTz;Skipping module named %s, logging of SSH host keys disabledz9Unable to activate module %s, helper tool not found at %sssh_fp_console_blacklistssh_key_console_blacklistzssh-dss,z%s F)stderrconsolez*Writing keys to the system console failed!)ris_falsegetdebugrrospathexistswarningget_cfg_option_listjoinr multi_logstrip Exception) rrr r!r" helper_path fp_blacklist key_blacklistcmdstdout_stderrs rhandler>Psp }SWWUB''++,BDIIJJ I4    ' 55K 7>>+ & & G     + 'L, (9+MCHH\22CHH]4K4KL IcNN v0MMMMMM  @AAA s A.D??!E )__doc__r/loggingrtextwrapr cloudinitrrcloudinit.cloudrcloudinit.configrcloudinit.config.schemar r cloudinit.settingsr rrr__annotations__rstrlistr>rrLsMLL  !!!!!!######<<<<<<<<++++++= '   D =          .!S**j***V ,t  &&& #(/5=A rK