Skip to content

fix(ssh): use writable directory for generated host keys#1

Merged
irony merged 1 commit into
mainfrom
fix/ssh-host-key-permissions
May 17, 2026
Merged

fix(ssh): use writable directory for generated host keys#1
irony merged 1 commit into
mainfrom
fix/ssh-host-key-permissions

Conversation

@irony

@irony irony commented May 17, 2026

Copy link
Copy Markdown
Contributor

Problem

SSH-servern kraschade med när den försökte skriva host key till . Detta berodde på att:

  1. Secreten mountas read-only till
  2. SSH-servern försökte generera en ny RSA-nyckel i samma katalog
  3. Non-root användaren kunde inte skriva till read-only mount

Lösning

  • Kontrollera först om en ed25519-nyckel finns mountad från secret
  • Om inte, generera nyckel i (writable directory)
  • Ta bort oanvänd -variabel (TypeScript-fel)

Test

  • Poden startar utan CrashLoopBackOff
  • SSH-servern lyssnar på port 2222
  • NodePort 30022 vidarebefordrar till 2222

Relaterat till: SSH-server deployment till berget-stage

@irony
fix(ssh): use writable directory for generated host keys
55cac76 
- Check mounted secret first (ssh_host_ed25519_key)
- Fall back to data/ssh-keys directory for generated keys
- Fix read-only filesystem error when running as non-root user
Copilot AI review requested due to automatic review settings May 17, 2026 22:40
@irony irony merged commit 9e91e59 into main May 17, 2026
4 checks passed
Copilot AI reviewed May 17, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes an SSH server startup crash when host keys are generated into a read-only mounted secret by removing an unused hostKeyPath variable (TypeScript error cleanup).

Changes:

  • Removes unused hostKeyPath variable in createSSHServer to resolve a TypeScript error.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@irony