I previously published a way to add an SSH Key to a CoreOS Droplet. It is quite complicated. However, I neglected to realize that after CoreOS is up and running, I can just add entries in ~/.ssh/authorized_keys. Doh.
1. ssh core@your_coreos_machine 2. scp you@your_ssh_client cat ~/.ssh/id_rsa.pub >> .ssh/authorized_keys
All done. Well, almost. This is a temporary measure. The authorized_keys file is overwritten by the contents of the ssh_keys section of cloud-config.yaml, which has been squirreled away during the install. It cannot be changed.
However, it is possible to use a "config drive" to add authorized_keys to CoreOS. The clues are posted here:
Here's a useful script to generate the .iso file:
#!/bin/bash ( echo "#cloud-config" echo "ssh_authorized_keys:" echo " - $(cat ~/.ssh/id_rsa.pub)" echo " - $(cat small_id_rsa.pub)" echo " - $(cat localhost_id_rsa.pub)" ) > user_data mkdir -p /tmp/new-drive/openstack/latest cp user_data /tmp/new-drive/openstack/latest/user_data #mkisofs -R -V config-2 -o configdrive.iso /tmp/new-drive hdiutil makehybrid -iso -joliet -default-volume-name config-2 -o configdrive.iso /tmp/new-drive rm -r /tmp/new-drive
To add an SSH Key you must:
- remove .ssh/authorized_keys.d/coreos-cloudinit
- stop the VM
- make a new configdrive.iso with the new keys in it
- start the VM