Have Genesis better work with BMC install

In a BMC install, the certificate may fail and we may have ability to port forward 3389 but not 22. Support normal and enhanced certificate behavior when possible, but degrade to cert-less ssh and also port 3389
2024-11-22 09:32:21 +00:00 · 2021-01-15 08:25:12 -05:00 · 2021-01-15 08:25:12 -05:00 · a5c4b64c60
commit a5c4b64c60
parent f7a940227d
1 changed files with 5 additions and 9 deletions
--- a/confluent_osdeploy/genesis/initramfs/opt/confluent/bin/rungenesis
+++ b/confluent_osdeploy/genesis/initramfs/opt/confluent/bin/rungenesis
@ -28,6 +28,8 @@ modprobe hfi1
 modprobe mlx5_ib
 echo "done"
 cat > /etc/ssh/sshd_config << EOF
+Port 22
+Port 3389
 PermitRootLogin yes
 AuthorizedKeysFile      .ssh/authorized_keys
 EOF
@ -81,7 +83,9 @@ for pubkey in /etc/ssh/ssh_host*key.pub; do
    certfile=${pubkey/.pub/-cert.pub}
    privfile=${pubkey%.pub}
    /usr/libexec/platform-python /opt/confluent/bin/apiclient /confluent-api/self/sshcert $pubkey > $certfile
-    echo HostCertificate $certfile >> /etc/ssh/sshd_config
+    if [ -s $certfile ]; then
+        echo HostCertificate $certfile >> /etc/ssh/sshd_config
+    fi
    echo HostKey $privfile >> /etc/ssh/sshd_config
 done
 /usr/sbin/sshd
@ -95,11 +99,3 @@ run_remote onboot.sh
 while :; do
    bash
 done
-
-    
-
-
-
-
-cd -
-