about summary refs log tree commit diff
path: root/nixos/modules/virtualisation/ec2-data.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/virtualisation/ec2-data.nix')
-rw-r--r--nixos/modules/virtualisation/ec2-data.nix5
1 files changed, 2 insertions, 3 deletions
diff --git a/nixos/modules/virtualisation/ec2-data.nix b/nixos/modules/virtualisation/ec2-data.nix
index 0cc6d9938e220..0b9d098dbab76 100644
--- a/nixos/modules/virtualisation/ec2-data.nix
+++ b/nixos/modules/virtualisation/ec2-data.nix
@@ -35,9 +35,8 @@ with lib;
                 echo "obtaining SSH key..."
                 mkdir -m 0700 -p /root/.ssh
                 if [ -s /etc/ec2-metadata/public-keys-0-openssh-key ]; then
-                    cat /etc/ec2-metadata/public-keys-0-openssh-key >> /root/.ssh/authorized_keys
+                    (umask 177; cat /etc/ec2-metadata/public-keys-0-openssh-key >> /root/.ssh/authorized_keys)
                     echo "new key added to authorized_keys"
-                    chmod 600 /root/.ssh/authorized_keys
                 fi
             fi
 
@@ -80,7 +79,7 @@ with lib;
             # ec2-get-console-output.
             echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" > /dev/console
             for i in /etc/ssh/ssh_host_*_key.pub; do
-                ${config.programs.ssh.package}/bin/ssh-keygen -l -f $i > /dev/console
+                ${config.programs.ssh.package}/bin/ssh-keygen -l -f $i || true > /dev/console
             done
             echo "-----END SSH HOST KEY FINGERPRINTS-----" > /dev/console
           '';
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-20 12:17:26 +0000