support removing SSH keys entirely

[cgwalters]

Ref: #115 (comment)

Currently if a user provides an SSH key to the installer, then decides to remove it, the MCD will silently keep the last specified key.

In #292 we fixed a panic when the user section was empty. I think we should take the next step and remove the authorized keys.

The concrete scenario here is an administrator who initially provides a SSH key just to give themselves a "fallback", then gains confidence in the system and decides to remove it.

[kikisdeliveryservice]

/assign

[ashcrow]

/kind jira
/kind enchancement

[kikisdeliveryservice]

I'll work on this, but I will note that there is a difference between an empty Passwd:User section and an empty User:SSHAuthorizedKeys section for user core. This issue would cover the latter case as opposed to the former.

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[openshift-bot]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

[ashcrow]

Is this something we still need/want to do or should we go ahead and close this issue?

[openshift-bot]

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

[openshift-ci-robot]

@openshift-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

@fgimenezm: You can't reopen an issue/PR unless you authored it or you are a collaborator.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[fgimenezm]

This is even harder in latest versions. Removing the ssh MachineConfig now tries to remove the "core" user altogether which is not possible and makes the MCO fail to update the nodes.

[openshift-ci]

@fgimenezm: You can't reopen an issue/PR unless you authored it or you are a collaborator.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[fgimenezm]

This could be optimized, but currently if you'd like to remove ssh keys, you may update the sshkey MC to explicitly have sshkeys: []

This doesn't work. It results in this message being logged:

Message: Node lab1-czvfr-master-0 is reporting: "can't reconcile config rendered-master-03e6e309d18a7fe4295351a4afd58d80 with rendered-master-aac2805716bf9df925f7608973f6de83: ignition passwd user section contains unsupported changes: user must be core and have 1 or more sshKeys: unreconcilable"

That is because of this code here: https://github.com/kikisdeliveryservice/machine-config-operator/blob/c415ce6aed25604bc1d2478951db16759dac31f6/pkg/daemon/update.go#L850

[kikisdeliveryservice]

Ah yes sorry that is correct, you will need to supply 1 or more sshkeys.

[openshift-bot]

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

[openshift-ci]

@openshift-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.