Setup host based authentication in ssh in ubuntu

misc/ubuntu20.04deploy/custom-installation/post.sh

@@ -7,4 +7,15 @@ done
 
 cp -a /etc/ssh/ssh_host* /target/etc/confluent/ssh/
 cp -a /etc/ssh/sshd_config.d/confluent.conf /target/etc/confluent/ssh/sshd_config.d/
+sshconf=/target/etc/ssh/ssh_config
+if [ -d /target/etc/ssh/ssh_config.d/ ]; then
+    sshconf=/target/etc/ssh/ssh_config.d/01-confluent.conf
+fi
+echo 'Host *' >> $sshconf
+echo '    HostbasedAuthentication yes' >> $sshconf
+echo '    EnableSSHKeysign yes' >> $sshconf
+echo '    HostbasedKeyTypes *ed25519*' >> $sshconf
+
 cp /custom-installation/firstboot.sh /target/etc/confluent/firstboot.sh
+cp /tmp/allnodes /target/root/.shosts
+cp /tmp/allnodes /target/etc/ssh/shosts.equiv

misc/ubuntu20.04deploy/custom-installation/pre.sh

@@ -11,7 +11,11 @@ for pubkey in /etc/ssh/ssh_host*key.pub; do
     echo HostKey $keyfile >> /etc/ssh/sshd_config.d/confluent.conf
     echo HostCertificate $certfile >> /etc/ssh/sshd_config.d/confluent.conf
 done
+echo HostbasedAuthentication yes >> /etc/ssh/sshd_config.d/confluent.conf
+echo HostbasedUsesNameFromPacketOnly yes >> /etc/ssh/sshd_config.d/confluent.conf
+echo IgnoreRhosts no >> /etc/ssh/sshd_config.d/confluent.conf
 systemctl restart sshd
+curl -f X POST -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/nodelist > /tmp/allnodes
 curl https://$mgr/confluent-public/confluent/util/getinstalldisk > /custom-installation/getinstalldisk
 python3 /custom-installation/getinstalldisk
 sed -i s!%%INSTALLDISK%%!/dev/$(cat /tmp/installdisk)! /autoinstall.yaml