| author | Dmitry Vyukov <dvyukov@google.com> | 2021-01-29 14:31:09 +0100 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2021-01-29 15:48:16 +0100 |
| commit | 785bbf9f39813fafd09ba10e1d3a6a1f2ff291c2 (patch) | |
| tree | ad674b2ff4d048352adc0fe7af488ccde898367c | |
| parent | 536094275dcdd385d6ec666edfb9644f6842ab96 (diff) | |
tools/create-gce-image.sh: setup ssh with empty password
We used to use ssh keys, but there are no particular advantages
of using a key over an empty password. It just makes things more complex.
And the new image building code in pkg/build does not support keys.
| -rw-r--r-- | pkg/build/linux.go | 7 | ||||
| -rwxr-xr-x | pkg/build/linux_gen.sh | 2 | ||||
| -rw-r--r-- | pkg/build/linux_generated.go | 14 | ||||
| -rwxr-xr-x | tools/create-gce-image.sh | 28 |
4 files changed, 22 insertions, 29 deletions
diff --git a/pkg/build/linux.go b/pkg/build/linux.go index c35e5795e..f08455c39 100644 --- a/pkg/build/linux.go +++ b/pkg/build/linux.go @@ -122,13 +122,6 @@ func (linux) createImage(params *Params, kernelPath string) error { if err := osutil.CopyFile(filepath.Join(tempDir, "disk.raw"), imageFile); err != nil { return err } - keyFile := filepath.Join(params.OutputDir, "key") - if err := osutil.CopyFile(filepath.Join(tempDir, "key"), keyFile); err != nil { - return err - } - if err := os.Chmod(keyFile, 0600); err != nil { - return err - } return nil } diff --git a/pkg/build/linux_gen.sh b/pkg/build/linux_gen.sh index d69e61bc7..c4de59ce0 100755 --- a/pkg/build/linux_gen.sh +++ b/pkg/build/linux_gen.sh @@ -7,5 +7,5 @@ set -eu echo -en '// Code generated by pkg/build/linux.go. DO NOT EDIT.\n\n' > linux_generated.go echo -en 'package build\n\n' >> linux_generated.go echo -en 'const createImageScript = `#!/bin/bash\n' >> linux_generated.go -cat ../../tools/create-gce-image.sh | grep -v '#' >> linux_generated.go +cat ../../tools/create-gce-image.sh | egrep -v '^\s*#' >> linux_generated.go echo -en '`\n\n' >> linux_generated.go diff --git a/pkg/build/linux_generated.go b/pkg/build/linux_generated.go index fa7256804..7362b634a 100644 --- a/pkg/build/linux_generated.go +++ b/pkg/build/linux_generated.go 
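Review bot: `egrep` is an obsolescent alias and `\s` is a GNU extension, so the new filter in pkg/build/linux_gen.sh depends on the local grep flavour; `grep -Ev '^[[:space:]]*#' ../../tools/create-gce-image.sh` does the same portably and drops the extra `cat`. The narrower pattern matters because the old `grep -v '#'` would also have removed the `sed -i "s#^root:..."` line that this commit adds to create-gce-image.sh. A one-line comment above the filter, for example `# Strip whole-line comments only; lines that merely contain '#' must be kept.`, would keep that from regressing.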
@@ -98,15 +98,17 @@ fi echo -en "127.0.0.1\tlocalhost\n" | sudo tee disk.mnt/etc/hosts echo "nameserver 8.8.8.8" | sudo tee -a disk.mnt/etc/resolve.conf -echo "ClientAliveInterval 420" | sudo tee -a disk.mnt/etc/ssh/sshd_config echo "syzkaller" | sudo tee disk.mnt/etc/hostname -rm -f key key.pub -ssh-keygen -f key -t rsa -N "" -sudo mkdir -p disk.mnt/root/.ssh -sudo cp key.pub disk.mnt/root/.ssh/authorized_keys -sudo chown root disk.mnt/root/.ssh/authorized_keys sudo mkdir -p disk.mnt/boot/grub +cat << EOF | sudo tee disk.mnt/etc/ssh/sshd_config +PermitRootLogin yes +PasswordAuthentication yes +PermitEmptyPasswords yes +ClientAliveInterval 420 +EOF +sudo sed -i "s#^root:\*:#root::#g" disk.mnt/etc/shadow + CMDLINE="" SYZ_CMDLINE_FILE="${SYZ_CMDLINE_FILE:-}" if [ "$SYZ_CMDLINE_FILE" != "" ]; then diff --git a/tools/create-gce-image.sh b/tools/create-gce-image.sh index d569abcb9..09c51983e 100755 --- a/tools/create-gce-image.sh +++ b/tools/create-gce-image.sh @@ -2,8 +2,8 @@ # Copyright 2016 syzkaller project authors. All rights reserved. # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. -# create-gce-image.sh creates a minimal bootable image suitable for syzkaller/GCE. -# The image will have password-less root login with a key stored in key file. +# create-gce-image.sh creates a minimal bootable image suitable for syzkaller/GCE in ./disk.raw file. +# The script can also create/delete temp files in the current dir. # # Prerequisites: # - you need a user-space system, a basic Debian system can be created with: @@ -22,11 +22,6 @@ # then its contents will be appended to the kernel command line. # If MKE2FS_CONFIG env var is set, it will affect invoked mkfs.ext4. # -# Outputs are (in the current dir): -# - disk.raw: the image -# - key: root ssh key -# The script can also create/delete temp files in the current dir. -# # The image then needs to be compressed with: # tar -Sczf disk.tar.gz disk.raw # and uploaded to GCS with: 
@@ -37,8 +32,7 @@ # qemu-system-x86_64 -hda disk.raw -net user,host=10.0.2.10,hostfwd=tcp::10022-:22 \ # -net nic -enable-kvm -m 2G -display none -serial stdio # once the kernel boots, you can ssh into it with: -# ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentitiesOnly=yes \ -# -p 10022 -i key root@localhost +# ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -p 10022 root@localhost set -eux @@ -146,15 +140,19 @@ fi echo -en "127.0.0.1\tlocalhost\n" | sudo tee disk.mnt/etc/hosts echo "nameserver 8.8.8.8" | sudo tee -a disk.mnt/etc/resolve.conf -echo "ClientAliveInterval 420" | sudo tee -a disk.mnt/etc/ssh/sshd_config echo "syzkaller" | sudo tee disk.mnt/etc/hostname -rm -f key key.pub -ssh-keygen -f key -t rsa -N "" -sudo mkdir -p disk.mnt/root/.ssh -sudo cp key.pub disk.mnt/root/.ssh/authorized_keys -sudo chown root disk.mnt/root/.ssh/authorized_keys sudo mkdir -p disk.mnt/boot/grub +# Setup ssh without key/password. +cat << EOF | sudo tee disk.mnt/etc/ssh/sshd_config +PermitRootLogin yes +PasswordAuthentication yes +PermitEmptyPasswords yes +ClientAliveInterval 420 +EOF +# Reset root password. +sudo sed -i "s#^root:\*:#root::#g" disk.mnt/etc/shadow + CMDLINE="" SYZ_CMDLINE_FILE="${SYZ_CMDLINE_FILE:-}" if [ "$SYZ_CMDLINE_FILE" != "" ]; then |
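Review bot: The `sed` that blanks the root password in the last hunk is a silent no-op when the root entry in `disk.mnt/etc/shadow` does not have exactly `*` in the password field (for example `!` or a real hash), and `set -eux` will not catch that, so the image can be built with a root account that does not match the sshd settings written just above it. A check right after it, such as `sudo grep -q '^root::' disk.mnt/etc/shadow`, would fail the build instead. `sudo tee` without `-a` now also replaces the userspace's whole `sshd_config` rather than appending to it; if that is intended, a comment saying so would help. Since the resulting image accepts root with an empty password from any host that can reach its port 22, I would extend the existing comment to `# Setup ssh without key/password: the image must only run on an isolated or firewalled network.` The same lines are mirrored in pkg/build/linux_generated.go.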
