Improve ssh key config

Move insert_key directive before VM create to avoid custom key create Add comments motivating the config choices for ssh config steps Expand user key authz logic to append key rather than just replace all existing keys in vagrant user authorized_keys file.

Improve ssh key config
Move insert_key directive before VM create to avoid custom key create Add comments motivating the config choices for ssh config steps Expand user key authz logic to append key rather than just replace all existing keys in vagrant user authorized_keys file.
6e6fc44f · John-Paul Robinson · 1948f186 · 6e6fc44f
Commit 6e6fc44f authored 6 years ago by John-Paul Robinson
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -3,6 +3,9 @@

 Vagrant.configure("2") do |config|

+  # don't configure host-specific keys, config will use the user's key
+  config.ssh.insert_key = false
+
  config.vm.define "ohpc" do |ohpc|
    ohpc.vm.box = "ravi89/centos7.5"
    ohpc.vm.box_version = "1"
@@ -27,9 +30,17 @@ Vagrant.configure("2") do |config|
    vb.memory = "2048"
  end

-  config.ssh.insert_key = false
+  # define user's key and insecure default
+  # insecure default is required for initial provisioning
  config.ssh.private_key_path = ["~/.ssh/id_rsa", "~/.vagrant.d/insecure_private_key"]
-  config.vm.provision "file", source: "~/.ssh/id_rsa.pub", destination: "~/.ssh/authorized_keys"
+  # append user's key to vagrant config to avoid overwrite of existing authorized_keys
+  # https://stackoverflow.com/a/31153912/8928529
+  config.vm.provision "ssh_pub_key", type: "shell" do |s|
+      ssh_pub_key = File.readlines("#{Dir.home}/.ssh/id_rsa.pub").first.strip
+      s.inline = <<-SHELL
+        echo #{ssh_pub_key} >> /home/vagrant/.ssh/authorized_keys
+      SHELL
+  end

  config.vm.provision "shell", inline: <<-SHELL
    if [ -f /vagrant/localenv.sh ]; then