OSETC TECH

Linux: How to Add Public SSH Key to QCOW2 Image

This post shows how to add a public SSH key to a QCOW2 image on a Linux system, using the virt-sysprep tool under CentOS/RHEL/Ubuntu Linux.

Add SSH Key into QCOW2 Image


You can use a tool called virt-sysprep to add an SSH key to the root account on a qcow2 disk image. First, install the tool, then set up the keys.

Install Virt-sysprep

For Ubuntu/Debian Linux

If you are using Ubuntu Linux, use the apt or apt-get command to install the libguestfs-tools package, which provides virt-sysprep. Type:

$ sudo apt-get install libguestfs-tools

Outputs:

devops@devops-osetc:~/working$ sudo apt-get install libguestfs-tools
sudo: unable to resolve host devops-osetc
[sudo] password for devops:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Do you want to continue? [Y/n] y
Get:1 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libsigsegv2 amd64 2.10-4 [14.1 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 gawk amd64 1:4.1.3+dfsg-0.1 [398 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 libiscsi2 amd64 1.12.0-2 [51.5 kB]

...
update-initramfs: deferring update (trigger activated)
Setting up libguestfs0:amd64 (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-hfsplus:amd64 (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-perl (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-reiserfs:amd64 (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-tools (1:1.32.2-4ubuntu2) ...
Setting up libguestfs-xfs:amd64 (1:1.32.2-4ubuntu2) ...
Processing triggers for libc-bin (2.23-0ubuntu10) ...
Processing triggers for systemd (229-4ubuntu21.10) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for initramfs-tools (0.122ubuntu8.8) ...
update-initramfs: Generating /boot/initrd.img-4.8.0-36-generic
W: mdadm: /etc/mdadm/mdadm.conf defines no arrays.

For CentOS/RHEL Linux

If you are using CentOS/RHEL Linux, you can use the yum command to install it, type:

# yum install libguestfs-tools

For Fedora Linux

You can use the dnf command to install it, type:

$ sudo dnf install libguestfs-tools

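Set Up SSH Keys in the QCOW2 Image

You can run the following command to add an SSH public key to the root account on your qcow2 image. The --root-password option takes a selector such as password:PASSWORD or file:FILENAME; replace set_root_password with the root password you want to set:

# virt-sysprep -a CentOS-7-x86_64-GenericCloud-1511.qcow2 --root-password password:set_root_password --ssh-inject root:file:/root/my.key.pub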
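The following wrapper is an added example, not part of the original post. It refuses to inject anything that is not a public key file, reads the root password from a file so it never appears on the command line, and reads authorized_keys back out of the image to confirm the result. The helper names is_public_key and inject_key are hypothetical, and it assumes the guest that uses the image is shut down.

```shell
#!/bin/sh
# Added example (not from the original post). is_public_key and inject_key
# are hypothetical helper names; all file paths are supplied by the caller.

# One OpenSSH public key per line: key type, base64 blob, optional comment.
KEY_RE='^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521)|sk-[a-z0-9-]+@openssh\.com) [A-Za-z0-9+/]+=*( .*)?$'

# Return 0 only if FILE holds public key lines and no private key material.
is_public_key() {
    [ -r "$1" ] || return 1
    if grep -q 'PRIVATE KEY' "$1"; then return 1; fi
    # Ignore blank lines and comments; an empty result means nothing to inject.
    lines=$(grep -v -e '^[[:space:]]*$' -e '^#' "$1") || return 1
    bad=$(printf '%s\n' "$lines" | grep -Evc "$KEY_RE" || true)
    [ "$bad" -eq 0 ]
}

# inject_key IMAGE PUBKEY PWFILE
# The root password is read from the first line of PWFILE, so it does not
# show up in `ps` output or shell history.
inject_key() {
    image=$1; pubkey=$2; pwfile=$3
    is_public_key "$pubkey" || {
        echo "refusing: $pubkey is not a public key file" >&2; return 2; }
    [ -f "$image" ] && [ -r "$pwfile" ] || {
        echo "missing image or password file" >&2; return 3; }
    virt-sysprep -a "$image" \
        --root-password "file:$pwfile" \
        --ssh-inject "root:file:$pubkey" || return 4
    # Read authorized_keys back out of the image and confirm the key is there.
    blob=$(grep -v '^#' "$pubkey" | awk 'NF {print $2; exit}')
    virt-cat -a "$image" /root/.ssh/authorized_keys | grep -qF -- "$blob" || return 5
}

# Usage: sh inject.sh IMAGE.qcow2 KEY.pub ROOTPW_FILE
if [ "$#" -eq 3 ]; then inject_key "$@"; fi
```

virt-cat is installed by the same libguestfs-tools package as virt-sysprep.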

More information about virt-sysprep

If you want more help with the virt-sysprep tool, you can type the following command:

# virt-sysprep --help

Outputs:

root@devops-osetc:/home/devops/working# virt-sysprep --help
virt-sysprep: reset or unconfigure a virtual machine so clones can be made

virt-sysprep [--options] -d domname

virt-sysprep [--options] -a disk.img [-a disk.img ...]

A short summary of the options is given below. For detailed help please
read the man page virt-sysprep(1).

-a file Add disk image file
--add file Add disk image file
-c uri Set libvirt URI
--chmod PERMISSIONS:FILE Change the permissions of a file
--commands-from-file FILENAME Read customize commands from file
--connect uri Set libvirt URI
--copy SOURCE:DEST Copy files in disk image
--copy-in LOCALPATH:REMOTEDIR Copy local files or directories into image
-d domain Set libvirt guest name
--debug-gc Debug GC and memory allocations (internal)
--delete PATH Delete a file or directory
--domain domain Set libvirt guest name
--dry-run Perform a dry run
--dryrun Perform a dry run
--dump-pod Dump POD (internal)
--dump-pod-options Dump POD for options (internal)
--edit FILE:EXPR Edit file using Perl expression
--enable operations Enable specific operations
--firstboot SCRIPT Run script at first guest boot
--firstboot-command 'CMD+ARGS' Run command at first guest boot
--firstboot-install PKG,PKG.. Add package(s) to install at first boot
--format format Set format (default: auto)
--hostname HOSTNAME Set the hostname
--install PKG,PKG.. Add package(s) to install
--keep-user-accounts users Users to keep
--link TARGET:LINK[:LINK..] Create symbolic links
--list-operations List supported operations
--long-options List long options
--mkdir DIR Create a directory
--mount-options opts Set mount options (eg /:noatime;/var:rw,noatime)
--move SOURCE:DEST Move files in disk image
-n Perform a dry run
--no-logfile Scrub build log file
--no-selinux-relabel Compatibility option, does nothing
--operation Enable/disable specific operations
--operations Enable/disable specific operations
--password USER:SELECTOR Set user password
--password-crypto md5|sha256|sha512 Set password crypto
-q Don't print progress messages
--quiet Don't print progress messages
--remove-user-accounts users Users to remove
--root-password SELECTOR Set root password
--run SCRIPT Run script in disk image
--run-command 'CMD+ARGS' Run command in disk image
--script script Script or program to run on guest
--scriptdir dir Mount point on host
--scrub FILE Scrub a file
--selinux-relabel Relabel files with correct SELinux labels
--short-options List short options
--sm-attach SELECTOR Attach to a subscription-manager pool
--sm-credentials SELECTOR Credentials for subscription-manager
--sm-register Register using subscription-manager
--sm-remove Remove all the subscriptions
--sm-unregister Unregister using subscription-manager
--ssh-inject USER[:SELECTOR] Inject a public key into the guest
--timezone TIMEZONE Set the default timezone
--touch FILE Run touch on a file
--truncate FILE Truncate a file to zero size
--truncate-recursive PATH Recursively truncate all files in directory
--update Update core packages
--upload FILE:DEST Upload local file to destination
-V Display version and exit
-v Enable libguestfs debugging messages
--verbose Enable libguestfs debugging messages
--version Display version and exit
--write FILE:CONTENT Write file
-x Enable tracing of libguestfs calls
-help Display this list of options
--help Display this list of options