authorized_keys not synced after changing it on the host #9

@acblbtpccc

Hi! I really appreciate this repo as it simplifies the process of bastion sshd setup and user management.

I noticed that when the container starts, it copies the authorized_keys file to "%h/.ssh/authorized_keys". However, after adding new public keys to the authorized_keys file on the host, the changes are not automatically synchronized (which is understandable given the current copy-on-start behavior), so I need to rebuild the container to make the changes take effect.

After considering the SSH_USER and permissions, I tried an alternative approach by:

  1. Using "AuthorizedKeysFile /authorized_keys %h/.ssh/authorized_keys" in sshd config
  2. Mounting this configuration file through sshd_config.d/extra.conf

This solution allows:

  • Direct modification of the host's authorized_keys file and changes could take effect without container restart, so no SSH connection interruption

I'd like to know if:

  1. Is there any potential issue with this approach, like I missed something so that my authorized_keys file is not synced by default?
  2. Is the current non-sync behavior intentional like a feature?

Thanks!
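An added example, not part of the original issue or the project's own code: a host-side helper for adding a key to the file that sshd reads through the `AuthorizedKeysFile /authorized_keys ...` line described above. It assumes the host file is bind-mounted into the container as a single file, so the container keeps following the original inode and only in-place edits become visible. It also checks the file mode, because sshd with `StrictModes` (the default) ignores key files that are group- or world-writable. The function names and the usage path are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Assumption: the host file is
# bind-mounted as a single file, so it must be edited in place, never replaced
# (an editor or tool that saves via rename creates a new inode the container
# does not see).
# Usage (hypothetical path): add_key_in_place /srv/bastion/authorized_keys "$pubkey_line"

# Print the inode number of a file.
inode_of() {
    ls -i -- "$1" | awk '{print $1}'
}

# Return 0 if the path is a regular file that is not group- or world-writable.
# Only the file's own mode is checked here, not its owner or parent directories.
perms_ok() {
    [ -f "$1" ] || return 1
    mode=$(ls -ld -- "$1" | cut -c1-10)
    [ "$(printf '%s' "$mode" | cut -c6)" != "w" ] &&
    [ "$(printf '%s' "$mode" | cut -c9)" != "w" ]
}

# Return 0 if the line looks like "<keytype> <base64> [comment]".
# Lines with an options prefix (from=..., command=...) are rejected on purpose.
key_line_ok() {
    printf '%s\n' "$1" | grep -Eq \
      '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)|sk-ssh-ed25519@openssh\.com|sk-ecdsa-sha2-nistp256@openssh\.com) [A-Za-z0-9+/]+={0,3}( .*)?$'
}

# Append a key in place.
# Exit codes: 0 added, 1 malformed key line, 2 unsafe file mode, 3 already present.
add_key_in_place() {
    file=$1 key=$2
    key_line_ok "$key" || return 1
    perms_ok "$file" || return 2
    # Compare on "type blob" only, so a changed comment does not count as a new key.
    blob=$(printf '%s\n' "$key" | awk '{print $1 " " $2}')
    if awk '{print $1 " " $2}' "$file" | grep -Fxq -- "$blob"; then
        return 3
    fi
    printf '%s\n' "$key" >> "$file"   # >> appends to the same inode
}
```

Comparing `inode_of` on the host file before and after an edit shows whether a given tool replaced the file instead of modifying it in place.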
