feat(seed): outbound SSH client material for hands-free node→mother #115

Merged
clawdie merged 1 commit from seed-ssh-client-material into main 2026-06-22 20:26:11 +02:00

Why

The baked mother key (#112) embeds a private key in the image — fine only for a non-published personalized stick. The offline FAT32 seed is the correct home for per-node secrets, and it also lets us solve the host-key trust gap that the baked key alone doesn't.

What

The importer now installs outbound SSH client material from an agent's ssh/ dir into the agent home:

| Seed file | Installed to | Mode | Notes |
| --- | --- | --- | --- |
| ssh/config | ~/.ssh/config | 0600 | e.g. a Host mother alias |
| ssh/known_hosts* | ~/.ssh/known_hosts* | 0644 | merged + de-duped (idempotent) |
| ssh/<name>.pub | ~/.ssh/<name>.pub | 0644 | public key |
| ssh/<name> | ~/.ssh/<name> | 0600 | any other file = private key |

authorized_keys stays inbound-only (unchanged, via _seed_install_authorized_keys).
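The installer logic from the table above and the two-run check from the Test section, as an added POSIX sh example that is not the project's importer. Function names, the seed/home argument order and the fixture contents are assumptions; the key material in the fixture is constructed and deliberately not a real key.

```shell
#!/bin/sh
# Added example, not the project's importer: install outbound SSH client
# material from <seed>/ssh into <home>/.ssh with the modes from the table above.
# Function names and the argument order are assumptions for this illustration.

mode_of() {  # octal permission bits; GNU stat first, BSD stat as fallback
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# seed_install_ssh_client <seed_agent_dir> <agent_home>
# The body runs in a subshell so the restrictive umask does not leak to the caller.
seed_install_ssh_client() (
    src="$1/ssh"; dst="$2/.ssh"
    [ -d "$src" ] || exit 0                 # this seed carries no client material
    umask 077                               # new files are never group/world readable
    mkdir -p "$dst" && chmod 0700 "$dst"
    for f in "$src"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        case "$name" in
            authorized_keys) continue ;;    # inbound-only, installed by another step
            config)
                cp "$f" "$dst/config" && chmod 0600 "$dst/config" ;;
            known_hosts*)
                # union of existing and seed lines; blanks and duplicates dropped, order kept
                tmp="$dst/.$name.tmp"
                if [ -f "$dst/$name" ]; then cat "$dst/$name" "$f"; else cat "$f"; fi |
                    awk 'NF && !seen[$0]++' > "$tmp"
                mv "$tmp" "$dst/$name" && chmod 0644 "$dst/$name" ;;
            *.pub)
                cp "$f" "$dst/$name" && chmod 0644 "$dst/$name" ;;
            *)  # any other file is a private key
                cp "$f" "$dst/$name" && chmod 0600 "$dst/$name" ;;
        esac
    done
)

# Constructed fixture (fake seed and agent home in a temp dir) for the idempotency check.
make_fixture() {
    fx=$(mktemp -d); mkdir -p "$fx/seed/agent/ssh" "$fx/home"
    printf 'Host mother\n  HostName mother.example\n  IdentityFile ~/.ssh/mother\n' \
        > "$fx/seed/agent/ssh/config"
    printf 'mother.example ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEPIN\n' \
        > "$fx/seed/agent/ssh/known_hosts"   # constructed host-key pin, not a real key
    printf 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEPUB agent\n' > "$fx/seed/agent/ssh/mother.pub"
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'EXAMPLE' '-----END OPENSSH PRIVATE KEY-----' \
        > "$fx/seed/agent/ssh/mother"
    echo "$fx"
}
```

Running the installer twice against the same home must leave known_hosts at a single line and every mode as tabled; the umask is set before any file is created so the private key is never world-readable even between cp and chmod.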

What this fixes

  • Hands-free node→mother. known_hosts pins mother's host key, so the first connection doesn't stop on an unknown-host prompt — the actual "without manual key exchange" gap.
  • Secret-free image. The private client key rides on the offline seed, not the base image.

Supersedes the baked-key path (#112), which can retire once this is validated on hardware. Leaving #112 in place for now per the current decision.

Test

Offline (CLAWDIE_SEED_TEST=1, fake mount, two runs):

  • perms: key 0600, .pub/known_hosts 0644, config 0600, .ssh 0700
  • known_hosts stays a single line across re-runs (de-dup merge is idempotent)
  • config installed verbatim

sh -n clean; markdown format gate green.

🤖 Generated with Claude Code

clawdie added 1 commit 2026-06-22 09:56:19 +02:00
The baked mother key (build/mother-ssh-key) puts a private key in the image,
which only works for a non-published personalized stick. The offline FAT32
seed is the correct home for per-node secrets.

Teach the importer to install outbound SSH client material from an agent's
ssh/ dir into the agent home:
  - config       -> ~/.ssh/config       (0600)
  - known_hosts* -> ~/.ssh/known_hosts* (0644, merged + de-duped)
  - <name>.pub   -> ~/.ssh/<name>.pub   (0644)
  - <name>       -> ~/.ssh/<name>        (0600, any other file = private key)
authorized_keys stays inbound-only via _seed_install_authorized_keys.

This closes the 'without manual key exchange' gap: known_hosts pins mother's
host key so the first node->mother connect does not prompt, and the private
client key rides on the offline seed instead of the base image — so the
published image stays secret-free. Supersedes the baked-key path (#112),
which can retire once this is validated on hardware.

Verified offline (CLAWDIE_SEED_TEST): correct perms (key 0600, pub/known_hosts
0644, config 0600, .ssh 0700) and idempotent known_hosts merge across re-runs.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
clawdie merged commit af83717524 into main 2026-06-22 20:26:11 +02:00
clawdie deleted branch seed-ssh-client-material 2026-06-22 20:26:11 +02:00
Reference: clawdie/clawdie-iso#115