Linux: How to Add Public SSH Key to QCOW2 Image
This post shows how to add a public SSH key to a QCOW2 image on a Linux system, using the virt-sysprep tool under CentOS/RHEL/Ubuntu Linux.
Add SSH Key into QCOW2 Image
You can use a tool called virt-sysprep to add SSH keys to the root account on a qcow2 disk image. First, install the tool, then set up the keys.
Install Virt-sysprep
For Ubuntu/Debian Linux
If you are using Ubuntu Linux, use the apt or apt-get command to install the libguestfs-tools package, which provides virt-sysprep. Type:
$ sudo apt-get install libguestfs-tools
Outputs:
devops@devops-osetc:~/working$ sudo apt-get install libguestfs-tools
sudo: unable to resolve host devops-osetc
[sudo] password for devops:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Do you want to continue? [Y/n] y
Get:1 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libsigsegv2 amd64 2.10-4 [14.1 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 gawk amd64 1:4.1.3+dfsg-0.1 [398 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libiscsi2 amd64 1.12.0-2 [51.5 kB]
...
update-initramfs: deferring update (trigger activated)
Setting up libguestfs0:amd64 (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-hfsplus:amd64 (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-perl (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-reiserfs:amd64 (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-tools (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-xfs:amd64 (1:1.32.2-4ubuntu2) ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.10) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for initramfs-tools (0.122ubuntu8.8) ...
update-initramfs: Generating /boot/initrd.img-4.8.0-36-generic
W: mdadm: /etc/mdadm/mdadm.conf defines no arrays.
For CentOS/RHEL Linux
If you are using CentOS/RHEL Linux, you can use the yum command to install it, type:
# yum install libguestfs-tools
For Fedora Linux
You can use the dnf command to install it, type:
$ sudo dnf install libguestfs-tools
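Set Up SSH Keys in the QCOW2 Image
Run the following command to add an SSH public key to the root account on your qcow2 image. The --root-password option takes a SELECTOR (shown here as the placeholder set_root_password), and /root/my.key.pub is the public key file that --ssh-inject adds for root. Type: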
# virt-sysprep -a CentOS-7-x86_64-GenericCloud-1511.qcow2 --root-password set_root_password --ssh-inject root:file:/root/my.key.pub
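An added example, not part of the original post: a pre-flight check that the file passed to --ssh-inject really is a public key (not a private key or an empty file), followed by a dry run, the real run, and a read-back of the injected keys with virt-cat. The helper names is_public_key_file and inject_root_key and all paths are hypothetical; the password is read with the file: selector so it stays out of shell history.

```shell
#!/bin/sh
# Added example, not from the original post. Helper names and paths are
# constructed placeholders.

# Succeeds only if FILE looks like an OpenSSH *public* key file (.pub format:
# "<type> <base64> [comment]"); rejects empty files and private keys.
is_public_key_file() {
    [ -s "$1" ] || return 1
    # A private key must never be handed to --ssh-inject or baked into an image.
    if grep -q 'PRIVATE KEY-----' "$1"; then return 2; fi
    awk '
        NF == 0 || $1 ~ /^#/ { next }
        $1 ~ "^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)|sk-[a-z0-9-]+@openssh[.]com)$" &&
        $2 ~ "^[A-Za-z0-9+/]+=*$" { n++; next }
        { bad = 1 }
        END { exit (bad || n == 0) }
    ' "$1"
}

# Usage: inject_root_key IMAGE PUBKEY PASSWORD_FILE
inject_root_key() {
    is_public_key_file "$2" || { echo "refusing: $2 is not a public key" >&2; return 1; }
    # file: reads the password from the first line of PASSWORD_FILE, keeping
    # it out of shell history and the process list.
    set -- "$1" --root-password "file:$3" --ssh-inject "root:file:$2"
    # virt-sysprep edits the image in place, so rehearse with --dry-run first.
    virt-sysprep -a "$@" --dry-run &&
    virt-sysprep -a "$@" &&
    # Show the keys that actually landed in the guest.
    virt-cat -a "$1" /root/.ssh/authorized_keys
}

# Run only when called with the three arguments, e.g.
#   sh inject.sh image.qcow2 /root/my.key.pub /root/rootpw.txt
if [ "$#" -eq 3 ]; then
    inject_root_key "$@"
fi
```

Work on a copy of the image if you need to keep the original, since virt-sysprep also resets the guest so that clones can be made.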
More information about virt-sysprep
If you want more help with the virt-sysprep tool, you can type the following command:
# virt-sysprep --help
Outputs:
root@devops-osetc:/home/devops/working# virt-sysprep --help
virt-sysprep: reset or unconfigure a virtual machine so clones can be made
 virt-sysprep [--options] -d domname
 virt-sysprep [--options] -a disk.img [-a disk.img ...]
A short summary of the options is given below. For detailed help please read the man page virt-sysprep(1).
  -a file  Add disk image file
  --add file  Add disk image file
  -c uri  Set libvirt URI
  --chmod PERMISSIONS:FILE  Change the permissions of a file
  --commands-from-file FILENAME  Read customize commands from file
  --connect uri  Set libvirt URI
  --copy SOURCE:DEST  Copy files in disk image
  --copy-in LOCALPATH:REMOTEDIR  Copy local files or directories into image
  -d domain  Set libvirt guest name
  --debug-gc  Debug GC and memory allocations (internal)
  --delete PATH  Delete a file or directory
  --domain domain  Set libvirt guest name
  --dry-run  Perform a dry run
  --dryrun  Perform a dry run
  --dump-pod  Dump POD (internal)
  --dump-pod-options  Dump POD for options (internal)
  --edit FILE:EXPR  Edit file using Perl expression
  --enable operations  Enable specific operations
  --firstboot SCRIPT  Run script at first guest boot
  --firstboot-command 'CMD+ARGS'  Run command at first guest boot
  --firstboot-install PKG,PKG..  Add package(s) to install at first boot
  --format format  Set format (default: auto)
  --hostname HOSTNAME  Set the hostname
  --install PKG,PKG..  Add package(s) to install
  --keep-user-accounts users  Users to keep
  --link TARGET:LINK[:LINK..]  Create symbolic links
  --list-operations  List supported operations
  --long-options  List long options
  --mkdir DIR  Create a directory
  --mount-options opts  Set mount options (eg /:noatime;/var:rw,noatime)
  --move SOURCE:DEST  Move files in disk image
  -n  Perform a dry run
  --no-logfile  Scrub build log file
  --no-selinux-relabel  Compatibility option, does nothing
  --operation  Enable/disable specific operations
  --operations  Enable/disable specific operations
  --password USER:SELECTOR  Set user password
  --password-crypto md5|sha256|sha512  Set password crypto
  -q  Don't print progress messages
  --quiet  Don't print progress messages
  --remove-user-accounts users  Users to remove
  --root-password SELECTOR  Set root password
  --run SCRIPT  Run script in disk image
  --run-command 'CMD+ARGS'  Run command in disk image
  --script script  Script or program to run on guest
  --scriptdir dir  Mount point on host
  --scrub FILE  Scrub a file
  --selinux-relabel  Relabel files with correct SELinux labels
  --short-options  List short options
  --sm-attach SELECTOR  Attach to a subscription-manager pool
  --sm-credentials SELECTOR  Credentials for subscription-manager
  --sm-register  Register using subscription-manager
  --sm-remove  Remove all the subscriptions
  --sm-unregister  Unregister using subscription-manager
  --ssh-inject USER[:SELECTOR]  Inject a public key into the guest
  --timezone TIMEZONE  Set the default timezone
  --touch FILE  Run touch on a file
  --truncate FILE  Truncate a file to zero size
  --truncate-recursive PATH  Recursively truncate all files in directory
  --update  Update core packages
  --upload FILE:DEST  Upload local file to destination
  -V  Display version and exit
  -v  Enable libguestfs debugging messages
  --verbose  Enable libguestfs debugging messages
  --version  Display version and exit
  --write FILE:CONTENT  Write file
  -x  Enable tracing of libguestfs calls
  -help  Display this list of options
  --help  Display this list of options