Bug #3931

ssh contextualisation should *not* overwrite authorized_keys file

Added by Nico Schottelius almost 6 years ago. Updated almost 6 years ago.

Status:ClosedStart date:08/11/2015
Priority:NormalDue date:
Assignee:Javi Fontan% Done:


Target version:Release 4.14
Resolution:fixed Pull request:
Affected Versions:OpenNebula 4.12


The problem with overwriting on (re-)boot is that every manual change is overwritten. This causes problems, because users are usually not aware of what opennebula is "doing to their VM".

I suggest to change it to append, if the key is not present. It can be a very simple script like if ! grep "$key" ~root/.ssh/authorized_keys; then echo $key >> ... ; fi

If the contextualisation packages are somewhere available in a version control repo, I can also create a pull request


#1 Updated by Daniel Dehennin almost 6 years ago


The context repository is an addon on GitHub.

#2 Updated by Ruben S. Montero almost 6 years ago

  • Category set to Context
  • Target version set to Release 4.14

#3 Updated by Ruben S. Montero almost 6 years ago

  • Assignee set to Javi Fontan

#4 Updated by Javi Fontan almost 6 years ago

I would do that per line as SSH_PUBLIC_KEY can contain more than one key. The code for the script that generates authorized_keys is at:


The file is emptied so it does not grow indefinitely in each boot.

#5 Updated by Nico Schottelius almost 6 years ago

I think an easy solution is to use a while loop:

while read key; do
    if grep -v -q -e "$key" /root/.ssh/authorized_keys; then
        echo $key >> /root/.ssh/authorized_keys
done < "$SSH_PUBLIC_KEY" 

#6 Updated by Javi Fontan almost 6 years ago

I've added a new issue in the GitHub repository and will work on a solution with the code you've provided.



#7 Updated by Javi Fontan almost 6 years ago

  • Status changed from Pending to Closed
  • Resolution set to fixed

I've added the change to the context repo. It should be available in the next contextualization package version.



Also available in: Atom PDF