cloud-init/fix-permission-of-the-private-key.patch

From ef18ff5a437e9abe91c81289157a4e846169736a Mon Sep 17 00:00:00 2001
From: shixuantong <shixuantong1@huawei.com>
Date: Tue, 14 Mar 2023 07:38:03 +0000
Subject: [PATCH] fix permission of the private key

---
 cloudinit/config/cc_ssh.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cloudinit/config/cc_ssh.py b/cloudinit/config/cc_ssh.py
index 6210627..bc4a158 100644
--- a/cloudinit/config/cc_ssh.py
+++ b/cloudinit/config/cc_ssh.py
@@ -274,7 +274,7 @@ def handle(_name, cfg, cloud: Cloud, log: Logger, _args):
                     if gid != -1:
                         # perform same "sanitize permissions" as sshd-keygen
                         os.chown(keyfile, -1, gid)
-                        os.chmod(keyfile, 0o640)
+                        os.chmod(keyfile, 0o600)
                         os.chmod(keyfile + ".pub", 0o644)
                 except subp.ProcessExecutionError as e:
                     err = util.decode_binary(e.stderr).lower()
-- 
2.39.1
Fix permission of SSH host keys 2023-03-14 14:49:04 +08:00			`From ef18ff5a437e9abe91c81289157a4e846169736a Mon Sep 17 00:00:00 2001`
			`From: shixuantong <shixuantong1@huawei.com>`
			`Date: Tue, 14 Mar 2023 07:38:03 +0000`
			`Subject: [PATCH] fix permission of the private key`

			`---`
			`cloudinit/config/cc_ssh.py \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/cloudinit/config/cc_ssh.py b/cloudinit/config/cc_ssh.py`
			`index 6210627..bc4a158 100644`
			`--- a/cloudinit/config/cc_ssh.py`
			`+++ b/cloudinit/config/cc_ssh.py`
			`@@ -274,7 +274,7 @@ def handle(_name, cfg, cloud: Cloud, log: Logger, _args):`
			`if gid != -1:`
			`# perform same "sanitize permissions" as sshd-keygen`
			`os.chown(keyfile, -1, gid)`
			`- os.chmod(keyfile, 0o640)`
			`+ os.chmod(keyfile, 0o600)`
			`os.chmod(keyfile + ".pub", 0o644)`
			`except subp.ProcessExecutionError as e:`
			`err = util.decode_binary(e.stderr).lower()`
			`--`
			`2.39.1`