[systemd-devel] Question: as a user of systemd-homed --storage=luks how to change --ssh-authorized-keys= without asking root?
Lennart Poettering
lennart at poettering.net
Mon Jul 15 12:46:58 UTC 2024
On Di, 09.07.24 18:02, Laurent GUERBY (laurent at guerby.net) wrote:
> Hi,
>
> On a debian testing system (systemd 256.2-1) I created a user with:
>
> trixie# homectl create utest --storage=luks --ssh-authorized-keys="xxx"
>
> The I used ssh to login as the user
>
> ssh utest at trixie
>
> And it all worked as described here as new feature of systemd 256:
>
> https://mastodon.social/@pid_eins/112370336310304287
>
> My question is how is the user "utest" able to change its
> --ssh-authorized-keys? I tried:
>
> utest at trixie$ homectl update utest --ssh-authorized-keys="xxx"
> Assertion 'user_name' failed at src/home/homectl.c:237, function
> acquire_existing_password(). Aborting.
>
> So without success.
>
> Changing password worked as the user:
>
> utest at trixie$ homectl passwd
>
> And changing the utest --ssh-authorized-keys= as root worked too.
>
> Did I miss something?
We currently do not allow to change that without privs. There's a PR
here to add what you are looking for:
https://github.com/systemd/systemd/pull/31153
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list