Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use Vagrant private key instead of username for FRR #1963

Merged
merged 1 commit into from
Feb 22, 2025
Merged

Use Vagrant private key instead of username for FRR #1963

merged 1 commit into from
Feb 22, 2025

Conversation

ipspace
Copy link
Owner

@ipspace ipspace commented Feb 22, 2025

This is a proof-of-concept for the 'use Vagrant private key' VM authentication. FRR is used as an example because it already uses Debian Bookworm; other devices that could use the same approach are Cumulus (4/5), VyOS, and Linux.

We're adding private-key-based-authentication functionality to netlab while retaining the password-based authentication that might be needed for network management tools.

The Vagrant provisioning script adds the commands to set the password for the 'vagrant' user (unless it's not defined) and change the Debian default SSH authentication policy.

The Debian-specific provisioning steps are stored in a separate template as we'll need them when migrating Linux node to Debian.

@ipspace
Use Vagrant private key instead of username for FRR
567ef8a 
This is a proof-of-concept for the 'use Vagrant private key' VM
authentication. FRR is used as an example because it already uses
Debian Bookworm; other devices that could use the same approach are
Cumulus (4/5), VyOS, and Linux.

We're adding private-key-based-authentication functionality to netlab
while retaining the password-based authentication that might be
needed for network management tools.

The Vagrant provisioning script adds the commands to set the password
for the 'vagrant' user (unless it's not defined) and change the
Debian default SSH authentication policy.

The Debian-specific provisioning steps are stored in a separate
template as we'll need them when migrating Linux node to Debian.
@ipspace ipspace requested a review from jbemmel February 22, 2025 08:27
@ipspace
Copy link
Owner Author

ipspace commented Feb 22, 2025

This one retains password-based authentication while adding the support for VM-specific private key. I will update the documentation once I do the same thing for Linux.

jbemmel
jbemmel approved these changes Feb 22, 2025
View reviewed changes
Copy link
Collaborator

@jbemmel jbemmel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The deluxe version

@jbemmel jbemmel merged commit a289f4a into dev Feb 22, 2025
18 checks passed
@jbemmel jbemmel deleted the frr_private_key branch February 22, 2025 21:31
@ipspace ipspace mentioned this pull request Mar 1, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbemmel jbemmel jbemmel approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ipspace @jbemmel