vagrant-rekey-ssh 0.1.1 → 0.1.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +8 -8
  2. data/Gemfile +1 -1
  3. data/README.md +5 -5
  4. data/lib/vagrant-rekey-ssh/actions/ssh_info.rb +5 -1
  5. data/lib/vagrant-rekey-ssh/version.rb +1 -1
  6. metadata +3 -3
checksums.yaml CHANGED
@@ -1,15 +1,15 @@
1
1
  ---
2
2
  !binary "U0hBMQ==":
3
3
  metadata.gz: !binary |-
4
- NTkyMzA1ZGQ2YjAwYzI5MDVlYjY0MmZmY2E4Y2FjMjU1NmZiZWMzMA==
4
+ ZjNkMTYxOTliZDNiN2ZlMDU0ZTBjNDIwZDM2ZTdjMDRjNzEzOWRjMQ==
5
5
  data.tar.gz: !binary |-
6
- MzI0ZTllMWNjZjcwYjJhZmNkNDVhYThiN2Y4Nzg4NzViYjU0YjIxOQ==
6
+ NzFkMTljMTRhMmEwYzgyYjQ2YjMwYTI0Y2QzZDMxMmZmY2JjMTU1OQ==
7
7
  SHA512:
8
8
  metadata.gz: !binary |-
9
- MWFkODA3MDJjOTNlOTE0NjgyMTFkYjc3YTVlZmM5YWI5YTg0Yjc0NDVjNGY1
10
- ZDQ3MDFkMTFiNWNhYzk5NWJjZWU3Nzk5Y2RhMTM0YTBiYzA0YjNlNWE5Yjhh
11
- NDc1YjFkNWQyNzJmODhjYzVlMjZkNTMyZGEwMzU4MmY4ZjllM2E=
9
+ MjlhMzQ2NzAzOWRhZjUzMGI1ZjM1MjMxNmNiYzRjODMwZTE1NDJlZmNlMmVl
10
+ ZDUyYmMwNGEwYWNmNmJkNjYxYzkyMGZhNGI1OGE1ZmZlNjFlN2JiZDM1MDhi
11
+ MDlmOTA2OWRmYTg3MWNkZGJmODI5M2UyM2EwZDBkZDk2ZTQ0ZDE=
12
12
  data.tar.gz: !binary |-
13
- ZDhlZjdkYWRiYzcyNzFiZDlkZDA1MzQxOWVkMjIwNDhlMDE5YjVmMDNjNDU0
14
- YjU3YzNiNDU0MTgzN2MxMmZkZmQyNmVkYzY4ZTE4ZDY2NDkyZjhhNDNlZDMy
15
- MzA2YzFlOGJhNTFlNGIwYzgyMzMyMWZjY2UxYWVkMWRjNDQxOWY=
13
+ MTRjMDlhZTI0ZDExNTVkZDI1M2YzZTM2MTU4M2I5Yzk0Y2VlNmNhMGI1MThl
14
+ M2ZkM2U4Zjk5ODE1NDI2OTU4NzE0OWYyNDYyZjIxM2VlYTcxYjVmZWUwMmY5
15
+ NTI5YjEwYWNlZjNlZmMyYzBmZmQyMDU0NWEwYzMwNzZjMWRkZDk=
data/Gemfile CHANGED
@@ -7,6 +7,6 @@ group :development do
7
7
  # We depend on Vagrant for development, but we don't add it as a
8
8
  # gem dependency because we expect to be installed within the
9
9
  # Vagrant environment itself using `vagrant plugin`.
10
- gem "vagrant", :git => "https://github.com/mitchellh/vagrant.git", :tag => 'v1.3.5'
10
+ # gem "vagrant", :git => "https://github.com/mitchellh/vagrant.git"
11
11
  end
12
12
 
data/README.md CHANGED
@@ -8,7 +8,7 @@ Rationale
8
8
  ---------
9
9
 
10
10
  All Vagrant boxes come with the same ssh key and passwords installed. This
11
- means anyone who can ssh into your VM, will be able to authenticate to it
11
+ means anyone who can ssh into your VM will be able to authenticate to it
12
12
  if they try the vagrant default credentials. Additionally, vagrant boxes
13
13
  come with passwordless sudo privileges, so anyone able to SSH into your
14
14
  box will be able to do whatever they want on it.
@@ -17,7 +17,7 @@ As of Vagrant 1.2.3, for the most part this doesn't matter, because you can
17
17
  only access the Vagrant VM from localhost (previous versions allowed access
18
18
  from any machine on your local network). However, this becomes *extremely*
19
19
  important if you are using a vagrant box that is on a bridged network. If
20
- your VM is on a bridged network, without other controls in place that means
20
+ your VM is on a bridged network without other controls in place, that means
21
21
  *anyone* who has access to your local network can SSH into your VM and get
22
22
  root access on it. There are plenty of documented ways of breaking out of a
23
23
  VM, so this is clearly a problem that needs to be addressed.
@@ -28,12 +28,12 @@ Since that isn't currently the case, I've created this plugin to help.
28
28
  This solution
29
29
  -------------
30
30
 
31
- The first time that this plugin is ran, it generates a unique SSH key and
31
+ The first time that this plugin is run, it generates a unique SSH key and
32
32
  stores it as `~/vagrant.d/less_insecure_private_key`. Whenever you run the
33
33
  `vagrant provision` command, this plugin will run a script to check the
34
34
  authorized keys for the vagrant user to determine if the insecure key
35
- public key is present. If it is present, it will replace the key with the
36
- public key for the generated public key.
35
+ public key is present. If it is present, it will replace the insecure key
36
+ with the public key for the generated key pair.
37
37
 
38
38
  Additionally, if the insecure public key is present, it will delete the
39
39
  passwords for root and vagrant, so that you cannot login using a password.
data/lib/vagrant-rekey-ssh/actions/ssh_info.rb CHANGED
@@ -28,7 +28,11 @@ module VagrantPlugins
28
28
  if @machine.config.ssh.private_key_path.nil?
29
29
 
30
30
  if ::File.exists?(rekey_sentinel_file)
31
- @machine.config.ssh.private_key_path = ssh_key_path
31
+ if Vagrant::VERSION < "1.4.0"
32
+ @machine.config.ssh.private_key_path = ssh_key_path
33
+ else
34
+ @machine.config.ssh.private_key_path = [ssh_key_path]
35
+ end
32
36
  end
33
37
 
34
38
  # Vagrant < 1.4 only supports a single ssh key, do this differently
data/lib/vagrant-rekey-ssh/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module VagrantPlugins
2
2
  module RekeySSH
3
- VERSION = "0.1.1"
3
+ VERSION = "0.1.3"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: vagrant-rekey-ssh
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dustin Spicuzza
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-12-09 00:00:00.000000000 Z
11
+ date: 2013-12-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -80,7 +80,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
80
80
  version: '0'
81
81
  requirements: []
82
82
  rubyforge_project:
83
- rubygems_version: 2.1.10
83
+ rubygems_version: 2.1.5
84
84
  signing_key:
85
85
  specification_version: 4
86
86
  summary: Automatically secure vagrant boxes with a randomly generated SSH key