diff options
| author | Guido Berhoerster <guido+freiesoftware@berhoerster.name> | 2023-08-24 14:28:21 +0200 |
|---|---|---|
| committer | Mike Gabriel <sunweaver@debian.org> | 2023-09-07 18:45:35 +0000 |
| commit | 701d3794933d00778214aacff14ca5bd8f572dea (patch) | |
| tree | 5b1e5ca9c583966cbf5eec1bd10bac79568974be | |
| parent | 0fc425f54f5feb12cab5b12ac1c8f5c975828eea (diff) | |
| download | debian-edu-fai+itzks-701d3794933d00778214aacff14ca5bd8f572dea.tar.gz debian-edu-fai+itzks-701d3794933d00778214aacff14ca5bd8f572dea.tar.bz2 debian-edu-fai+itzks-701d3794933d00778214aacff14ca5bd8f572dea.zip | |
Fix instructions in README.md and /etc/debian-edu/debian-edu-fai.conf
The configuration file name is /etc/debian-edu/debian-edu-fai.conf not
/etc/debian-edu/faiinstall.conf.
Improve and shorten the instructions to set up SSH access for the fai user.
| -rw-r--r-- | README.md | 30 | ||||
| -rw-r--r-- | conf/debian-edu/debian-edu-fai.conf | 12 |
2 files changed, 21 insertions, 21 deletions
@@ -24,8 +24,9 @@ Only a few steps are required manually before executing ### Adjust the Debian Edu FAI configuration Before running ``debian-edu-faiinstall``, please adjust the configuration file -``/etc/debian-edu/faiinstall.conf``. That configuration file contains parameter -documentation in its comments, please follow suggestions etc. given there. +`/etc/debian-edu/debian-edu-fai.conf`. That configuration file contains +parameter documentation in its comments, please follow suggestions etc. given +there. ### Configure NFS exports @@ -41,18 +42,19 @@ At the end of a FAI installation, the FAI installer attempts to write its installation logs back to the FAI server. This is done via SSH (using pub/priv SSH key authentication). -To include this feature in your setup, please run these commands (with -some interactions of pressing the <ENTER> key) from the command line as -super-user root on your FAI server: +To include this feature in your setup, make sure the following configuration +options are set in `/etc/debian-edu/debian-edu-fai.conf`: ``` -$ su - fai -$ ssh-keygen -$ cat ~fai/.ssh/id_rsa.pub >> ~fai/.ssh/authorized_keys -$ ssh fai@$(hostname -s) -### accept host key with 'yes' -$ ssh fai@$(hostname -f) -### accept host key with 'yes' -$ ssh fai@$(hostname -I | cut -d" " -f1) -### accept host key with 'yes' +fai_logserver="$(hostname -f)" +fai_loguser='fai' +``` + +and run the follwoing command as root: + +``` +runuser -u fai -- sh -c 'umask 077; + ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N "" && + cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys && + ssh-keyscan -H "$(hostname -f)" >> ~/.ssh/known_hosts' ``` diff --git a/conf/debian-edu/debian-edu-fai.conf b/conf/debian-edu/debian-edu-fai.conf index 4ffd80d..0dd8c2f 100644 --- a/conf/debian-edu/debian-edu-fai.conf +++ b/conf/debian-edu/debian-edu-fai.conf @@ -13,13 +13,11 @@ # installer chroots (i.e. before running the debian-edu-faiinstall script). # # 1. Comment out fai_logserver and fai_loguser below. -# 2. adduser --system --home /var/log/fai/client-logs --shell /bin/bash fai -# 3. su - fai -# 4. ssh-keygen -# 5. cat ~fai/.ssh/id_rsa.pub > ~fai/.ssh/authorized_keys -# 6. Create ~fai/.ssh/known_hosts by... -# 7. (as user 'fai'): ssh fai@$(hostname -f) -# 8. Accept host key and by that add it to ~fai/.ssh/known_hosts +# 2. Run: +# runuser -u fai -- sh -c 'umask 077; +# ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N "" && +# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys && +# ssh-keyscan -H "$(hostname -f)" >> ~/.ssh/known_hosts' # # FAI server: |