[Bug 2039434] Re: ubuntu-image leaving machine-id and host SSH keys in images
Paul Mars
2039434 at bugs.launchpad.net
Mon Oct 16 14:11:19 UTC 2023
** Changed in: ubuntu-image (Ubuntu)
Assignee: (unassigned) => Paul Mars (upils)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-image in Ubuntu.
https://bugs.launchpad.net/bugs/2039434
Title:
ubuntu-image leaving machine-id and host SSH keys in images
Status in ubuntu-image package in Ubuntu:
Confirmed
Bug description:
The mantic pi images (both server and desktop) have pre-generated
machine-id values in /etc/machine-id and /var/lib/dbus/machine-id. In
livecd-rootfs this is taken care of with a live-build hook [1][2] but
I don't believe there's an equivalent in the current ubuntu-image
implementation (or none that I could find).
More seriously, the mantic pi server images also have pre-generated
SSH host keys. Thankfully, the default cloud-init configuration
regenerates these on first boot before SSH comes up, but again these
should not be shipped in the images, and again this was taken care of
previously with a live-build hook [3][4].
[1]: https://git.launchpad.net/ubuntu/+source/livecd-rootfs/tree/live-build/auto/config#n1238
[2]: https://git.launchpad.net/ubuntu/+source/live-build/tree/share/hooks/004-remove-dbus-machine-id.chroot
[3]: https://git.launchpad.net/ubuntu/+source/livecd-rootfs/tree/live-build/auto/config#n1239
[4]: https://git.launchpad.net/ubuntu/+source/live-build/tree/share/hooks/006-remove-openssh-server-host-keys.chroot
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-image/+bug/2039434/+subscriptions
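An image build can be checked for the two leftovers described in this report before it is published. The following is an added example, not code from ubuntu-image, livecd-rootfs or the bug reporter: a shell function that audits an unpacked or loop-mounted root filesystem. The function name and the "LEAK" output format are made up for illustration; treating an empty file or the string "uninitialized" as a clean machine-id follows systemd's machine-id(5).

```shell
#!/bin/sh
# Added example: audit an image root filesystem (a directory) for
# per-machine identity that should be generated on first boot instead.

# Prints "LEAK <path>" per finding. Returns 0 if clean, 1 otherwise.
audit_rootfs() {
    root=$1
    found=0

    for rel in etc/machine-id var/lib/dbus/machine-id; do
        f="$root/$rel"
        # The dbus file is normally an absolute symlink to /etc/machine-id.
        # Following it here would read the auditing host's file, not the
        # image's, so skip symlinks; the target is checked on its own.
        [ -L "$f" ] && continue
        [ -f "$f" ] || continue
        # Empty or "uninitialized" means the ID is created on first boot.
        id=$(tr -d '[:space:]' < "$f")
        case "$id" in
            ''|uninitialized) ;;
            *) echo "LEAK $rel"; found=1 ;;
        esac
    done

    # Any host key in the image, private or public, is shared by every
    # machine flashed from it until something regenerates it.
    for f in "$root"/etc/ssh/ssh_host_*_key "$root"/etc/ssh/ssh_host_*_key.pub; do
        # An unmatched glob stays literal and fails both tests.
        [ -e "$f" ] || [ -L "$f" ] || continue
        echo "LEAK ${f#"$root"/}"
        found=1
    done

    return "$found"
}

# Usage (the mount point is a placeholder): audit_rootfs /mnt/image-root
```

A non-zero return can fail a CI job, so the check does not depend on cloud-init regenerating the keys on first boot.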