diff options
| author | Luca Boccassi <bluca@debian.org> | 2022-09-08 17:27:52 +0200 |
|---|---|---|
| committer | Luca Boccassi <bluca@debian.org> | 2022-09-08 17:27:52 +0200 |
| commit | 87d1886346ab0bc57fae6f1e6e10646f088cc3f6 (patch) | |
| tree | c26b1c81f0a76512a8f25b8664120e7da8b664e8 /man/tmpfiles.d.xml | |
| parent | test: check the numa-test.service status directly (diff) | |
| download | systemd-87d1886346ab0bc57fae6f1e6e10646f088cc3f6.tar.xz systemd-87d1886346ab0bc57fae6f1e6e10646f088cc3f6.zip | |
man: add example with one-liner for ssh provisioning via tmpfiles.d + Creds
Diffstat (limited to '')
| -rw-r--r-- | man/tmpfiles.d.xml | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml index 04617bc532..15785d1bf2 100644 --- a/man/tmpfiles.d.xml +++ b/man/tmpfiles.d.xml @@ -826,6 +826,19 @@ e! /var/cache/krb5rcache - - - 0 will be removed on boot. The directory will not be created. </para> </example> + + <example> + <title>Provision SSH public key access for root user via Credentials in QEMU</title> + + <programlisting>-smbios type=11,value=io.systemd.credential.binary:tmpfiles.extra=$(echo "f~ /root/.ssh/authorized_keys 700 root root - $(ssh-add -L | base64 -w 0)" | base64 -w 0) +</programlisting> + + <para>By passing this line to QEMU, the public key of the current user will be encoded in + base64, added to a tmpfiles.d line that tells systemd-tmpfiles to decode it into + <filename>/root/.ssh/authorized_keys</filename>, encode that line itself in base64 and + pass it as a Credential that will be picked up by systemd from SMBIOS on boot. + </para> + </example> </refsect1> <refsect1> |