feat: Generate SSH server keys in host agent and use them in guest OS

This change changes the SSH server keys that have been generated for each boot in guest OS to be generated by hostagent for each boot.
This allows the hostagent to obtain the public key before booting, so that knownhosts can be used with an ssh connection.

The code that uses `ssh.InsecureIgnoreHostKey()` in `x/crypto/ssh` is pointed out in CodeQL as `Use of insecure HostKeyCallback implementation (High)`, so it is an implementation to avoid this.

Signed-off-by: Norio Nomura <[email protected]>

Author: norio-nomura

pkg/cidata/cidata.TEMPLATE.d/user-data

@@ -104,3 +104,11 @@ bootcmd:
     {{- end }}
   {{- end }}
 {{- end }}
+
+{{- if .SSHHostKeys }}
+ssh_keys:
+  {{- range $type, $key := .SSHHostKeys }}
+  {{ $type }}: |
+{{ indent 4 $key }}
+  {{- end }}
+{{- end }}

pkg/cidata/cidata.go

@@ -118,7 +118,7 @@ func setupEnv(instConfigEnv map[string]string, propagateProxyEnv bool, slirpGate
 	return env, nil
 }
 
-func templateArgs(ctx context.Context, bootScripts bool, instDir, name string, instConfig *limatype.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort, vsockPort int, virtioPort string, noCloudInit, rosettaEnabled, rosettaBinFmt bool) (*TemplateArgs, error) {
+func templateArgs(ctx context.Context, bootScripts bool, instDir, name string, instConfig *limatype.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort, vsockPort int, virtioPort string, noCloudInit, rosettaEnabled, rosettaBinFmt, hostKeys bool) (*TemplateArgs, error) {
 	if err := limayaml.Validate(instConfig, false); err != nil {
 		return nil, err
 	}
@@ -342,11 +342,19 @@ func templateArgs(ctx context.Context, bootScripts bool, instDir, name string, i
 		}
 	}
 
+	if hostKeys {
+		sshHostKeys, err := sshutil.GenerateSSHHostKeys(instDir, args.Hostname)
+		if err != nil {
+			return nil, fmt.Errorf("failed to generate SSH host keys: %w", err)
+		}
+		args.SSHHostKeys = sshHostKeys
+	}
+
 	return &args, nil
 }
 
 func GenerateCloudConfig(ctx context.Context, instDir, name string, instConfig *limatype.LimaYAML) error {
-	args, err := templateArgs(ctx, false, instDir, name, instConfig, 0, 0, 0, "", false, false, false)
+	args, err := templateArgs(ctx, false, instDir, name, instConfig, 0, 0, 0, "", false, false, false, false)
 	if err != nil {
 		return err
 	}
@@ -369,7 +377,7 @@ func GenerateCloudConfig(ctx context.Context, instDir, name string, instConfig *
 }
 
 func GenerateISO9660(ctx context.Context, drv driver.Driver, instDir, name string, instConfig *limatype.LimaYAML, udpDNSLocalPort, tcpDNSLocalPort int, guestAgentBinary, nerdctlArchive string, vsockPort int, virtioPort string, noCloudInit, rosettaEnabled, rosettaBinFmt bool) error {
-	args, err := templateArgs(ctx, true, instDir, name, instConfig, udpDNSLocalPort, tcpDNSLocalPort, vsockPort, virtioPort, noCloudInit, rosettaEnabled, rosettaBinFmt)
+	args, err := templateArgs(ctx, true, instDir, name, instConfig, udpDNSLocalPort, tcpDNSLocalPort, vsockPort, virtioPort, noCloudInit, rosettaEnabled, rosettaBinFmt, true)
 	if err != nil {
 		return err
 	}
@@ -467,6 +475,13 @@ func GenerateISO9660(ctx context.Context, drv driver.Driver, instDir, name strin
 			Path:   "ssh_authorized_keys",
 			Reader: strings.NewReader(strings.Join(args.SSHPubKeys, "\n")),
 		})
+		for keyType, keyContent := range args.SSHHostKeys {
+			suffix := strings.Replace(strings.Replace(keyType, "_public", "_key.pub", 1), "_private", "_key", 1)
+			layout = append(layout, iso9660util.Entry{
+				Path:   "ssh_host_" + suffix,
+				Reader: strings.NewReader(keyContent),
+			})
+		}
 		return writeCIDataDir(filepath.Join(instDir, filenames.CIDataISODir), layout)
 	}
 

pkg/cidata/template.go

@@ -115,6 +115,7 @@ type TemplateArgs struct {
 	Plain                           bool
 	TimeZone                        string
 	NoCloudInit                     bool
+	SSHHostKeys                     map[string]string // `ssh_keys` field in cloud-init SSH module
 }
 
 func ValidateTemplateArgs(args *TemplateArgs) error {

pkg/driver/vz/vsock_forwarder.go

@@ -9,14 +9,11 @@ import (
 	"context"
 	"errors"
 	"net"
-	"path/filepath"
 
 	"github.com/containers/gvisor-tap-vsock/pkg/tcpproxy"
 	"github.com/sirupsen/logrus"
 
 	"github.com/lima-vm/lima/v2/pkg/limatype"
-	"github.com/lima-vm/lima/v2/pkg/limatype/dirnames"
-	"github.com/lima-vm/lima/v2/pkg/limatype/filenames"
 	"github.com/lima-vm/lima/v2/pkg/sshutil"
 )
 
@@ -75,15 +72,7 @@ func (m *virtualMachineWrapper) dialVsock(_ context.Context, port uint32) (conn
 }
 
 func (m *virtualMachineWrapper) checkSSHOverVsockAvailable(ctx context.Context, inst *limatype.Instance) error {
-	user := *inst.Config.User.Name
-	configDir, err := dirnames.LimaConfigDir()
-	if err != nil {
-		return err
-	}
-	privateKeyPath := filepath.Join(configDir, filenames.UserPrivateKey)
-	vsockPort := uint32(22)
-	addr := "vsock:22"
 	return sshutil.WaitSSHReady(ctx, func(ctx context.Context) (net.Conn, error) {
-		return m.dialVsock(ctx, vsockPort)
-	}, addr, user, privateKeyPath, 1)
+		return m.dialVsock(ctx, uint32(22))
+	}, "vsock:22", *inst.Config.User.Name, inst.Name, 1)
 }

pkg/driver/wsl2/boot/02-no-cloud-init-setup.sh

@@ -17,6 +17,11 @@ chmod 700 "${LIMA_CIDATA_HOME}"/.ssh/
 cp "${LIMA_CIDATA_MNT}"/ssh_authorized_keys "${LIMA_CIDATA_HOME}"/.ssh/authorized_keys
 chown "${LIMA_CIDATA_UID}:${LIMA_CIDATA_GID}" "${LIMA_CIDATA_HOME}"/.ssh/authorized_keys
 chmod 600 "${LIMA_CIDATA_HOME}"/.ssh/authorized_keys
+# copy SSH host keys
+mkdir -p /etc/ssh/
+cp "${LIMA_CIDATA_MNT}"/ssh_host_* /etc/ssh/
+chmod 600 /etc/ssh/ssh_host_*
+chmod 644 /etc/ssh/ssh_host_*.pub
 
 # add $LIMA_CIDATA_USER to sudoers
 echo "${LIMA_CIDATA_USER} ALL=(ALL) NOPASSWD:ALL" | tee -a /etc/sudoers.d/99_lima_sudoers

pkg/limatype/filenames/filenames.go

@@ -50,6 +50,7 @@ const (
 	SerialVirtioSock        = "serialv.sock"
 	SSHSock                 = "ssh.sock"
 	SSHConfig               = "ssh.config"
+	SSHKnownHosts           = "ssh_known_hosts"
 	VhostSock               = "virtiofsd-%d.sock"
 	VNCDisplayFile          = "vncdisplay"
 	VNCPasswordFile         = "vncpassword"

pkg/networks/usernet/client.go

@@ -11,7 +11,6 @@ import (
 	"net"
 	"net/http"
 	"os"
-	"path/filepath"
 	"strconv"
 	"time"
 
@@ -20,8 +19,6 @@ import (
 
 	"github.com/lima-vm/lima/v2/pkg/httpclientutil"
 	"github.com/lima-vm/lima/v2/pkg/limatype"
-	"github.com/lima-vm/lima/v2/pkg/limatype/dirnames"
-	"github.com/lima-vm/lima/v2/pkg/limatype/filenames"
 	"github.com/lima-vm/lima/v2/pkg/limayaml"
 	"github.com/lima-vm/lima/v2/pkg/networks/usernet/dnshosts"
 )
@@ -144,13 +141,9 @@ func (c *Client) WaitOpeningSSHPort(ctx context.Context, inst *limatype.Instance
 		return err
 	}
 	user := *inst.Config.User.Name
-	configDir, err := dirnames.LimaConfigDir()
-	if err != nil {
-		return err
-	}
-	privateKeyPath := filepath.Join(configDir, filenames.UserPrivateKey)
+	instanceName := inst.Name
 	// -1 avoids both sides timing out simultaneously.
-	u := fmt.Sprintf("%s/extension/wait_ssh_server?ip=%s&port=22&timeout=%d&user=%s&privateKeyPath=%s", c.base, ipAddr, timeoutSeconds-1, user, privateKeyPath)
+	u := fmt.Sprintf("%s/extension/wait-ssh-server?ip=%s&port=22&timeout=%d&user=%s&instance-name=%s", c.base, ipAddr, timeoutSeconds-1, user, instanceName)
 	res, err := httpclientutil.Get(ctx, c.client, u)
 	if err != nil {
 		return err

pkg/networks/usernet/gvproxy.go

@@ -245,7 +245,7 @@ func httpServe(ctx context.Context, g *errgroup.Group, ln net.Listener, mux http
 
 func muxWithExtension(n *virtualnetwork.VirtualNetwork) *http.ServeMux {
 	m := n.Mux()
-	m.HandleFunc("/extension/wait_ssh_server", func(w http.ResponseWriter, r *http.Request) {
+	m.HandleFunc("/extension/wait-ssh-server", func(w http.ResponseWriter, r *http.Request) {
 		ip := r.URL.Query().Get("ip")
 		if net.ParseIP(ip) == nil {
 			msg := fmt.Sprintf("invalid ip address: %s", ip)
@@ -260,9 +260,9 @@ func muxWithExtension(n *virtualnetwork.VirtualNetwork) *http.ServeMux {
 		addr := net.JoinHostPort(ip, fmt.Sprintf("%d", uint16(port16)))
 
 		user := r.URL.Query().Get("user")
-		privateKeyPath := r.URL.Query().Get("privateKeyPath")
-		if user == "" || privateKeyPath == "" {
-			msg := "user and privateKeyPath query parameters are required"
+		instanceName := r.URL.Query().Get("instance-name")
+		if user == "" || instanceName == "" {
+			msg := "user and instanceName query parameters are required"
 			http.Error(w, msg, http.StatusBadRequest)
 			return
 		}
@@ -280,7 +280,7 @@ func muxWithExtension(n *virtualnetwork.VirtualNetwork) *http.ServeMux {
 			return n.DialContextTCP(ctx, addr)
 		}
 		// Wait until the port is available.
-		if err = sshutil.WaitSSHReady(r.Context(), dialContext, addr, user, privateKeyPath, timeoutSeconds); err != nil {
+		if err = sshutil.WaitSSHReady(r.Context(), dialContext, addr, user, instanceName, timeoutSeconds); err != nil {
 			http.Error(w, err.Error(), http.StatusRequestTimeout)
 		} else {
 			w.WriteHeader(http.StatusOK)

pkg/sshutil/sshutil.go

@@ -6,10 +6,18 @@ package sshutil
 import (
 	"bytes"
 	"context"
+	"crypto"
+	"crypto/ecdsa"
+	"crypto/ed25519"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/rsa"
 	"encoding/base64"
 	"encoding/binary"
+	"encoding/pem"
 	"errors"
 	"fmt"
+	"io"
 	"io/fs"
 	"net"
 	"os"
@@ -26,8 +34,10 @@ import (
 	"github.com/mattn/go-shellwords"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh/knownhosts"
 	"golang.org/x/sys/cpu"
 
+	"github.com/lima-vm/lima/v2/pkg/instance/hostname"
 	"github.com/lima-vm/lima/v2/pkg/ioutilx"
 	"github.com/lima-vm/lima/v2/pkg/limatype/dirnames"
 	"github.com/lima-vm/lima/v2/pkg/limatype/filenames"
@@ -244,7 +254,6 @@ func CommonOpts(ctx context.Context, sshExe SSHExe, useDotSSH bool) ([]string, e
 
 	opts = append(opts,
 		"StrictHostKeyChecking=no",
-		"UserKnownHostsFile=/dev/null",
 		"NoHostAuthenticationForLocalhost=yes",
 		"PreferredAuthentications=publickey",
 		"Compression=no",
@@ -345,18 +354,28 @@ func SSHOpts(ctx context.Context, sshExe SSHExe, instDir, username string, useDo
 		return nil, err
 	}
 	controlPath := fmt.Sprintf(`ControlPath="%s"`, controlSock)
+	userKnownHostsPath := filepath.Join(instDir, filenames.SSHKnownHosts)
+	userKnownHosts := fmt.Sprintf(`UserKnownHostsFile="%s"`, userKnownHostsPath)
 	if runtime.GOOS == "windows" {
 		controlSock, err = ioutilx.WindowsSubsystemPath(ctx, controlSock)
 		if err != nil {
 			return nil, err
 		}
 		controlPath = fmt.Sprintf(`ControlPath='%s'`, controlSock)
+		userKnownHostsPath, err = ioutilx.WindowsSubsystemPath(ctx, userKnownHostsPath)
+		if err != nil {
+			return nil, err
+		}
+		userKnownHosts = fmt.Sprintf(`UserKnownHostsFile='%s'`, userKnownHostsPath)
 	}
+	hostKeyAlias := fmt.Sprintf("HostKeyAlias=%s", hostname.FromInstName(filepath.Base(instDir)))
 	opts = append(opts,
 		fmt.Sprintf("User=%s", username), // guest and host have the same username, but we should specify the username explicitly (#85)
 		"ControlMaster=auto",
 		controlPath,
 		"ControlPersist=yes",
+		userKnownHosts,
+		hostKeyAlias,
 	)
 	if forwardAgent {
 		opts = append(opts, "ForwardAgent=yes")
@@ -516,27 +535,27 @@ func detectAESAcceleration() bool {
 // The dialContext function is used to create a connection to the SSH server.
 // The addr, user, privateKeyPath parameter is used for ssh.ClientConn creation.
 // The timeoutSeconds parameter specifies the maximum number of seconds to wait.
-func WaitSSHReady(ctx context.Context, dialContext func(context.Context) (net.Conn, error), addr, user, privateKeyPath string, timeoutSeconds int) error {
+func WaitSSHReady(ctx context.Context, dialContext func(context.Context) (net.Conn, error), addr, user, instanceName string, timeoutSeconds int) error {
 	ctx, cancel := context.WithTimeout(ctx, time.Duration(timeoutSeconds)*time.Second)
 	defer cancel()
 
 	// Prepare signer
-	key, err := os.ReadFile(privateKeyPath)
+	signer, err := UserPrivateKey()
 	if err != nil {
-		return fmt.Errorf("failed to read private key %q: %w", privateKeyPath, err)
+		return err
 	}
-	signer, err := ssh.ParsePrivateKey(key)
+	// Prepare HostKeyCallback
+	hostKeyChecker, err := HostKeyCheckerWithKeysInKnownHosts(instanceName)
 	if err != nil {
-		return fmt.Errorf("failed to parse private key %q: %w", privateKeyPath, err)
+		return err
 	}
 	// Prepare ssh client config
 	sshConfig := &ssh.ClientConfig{
 		User:            user,
 		Auth:            []ssh.AuthMethod{ssh.PublicKeys(signer)},
-		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+		HostKeyCallback: hostKeyChecker,
 		Timeout:         10 * time.Second,
 	}
-
 	// Wait until the SSH server is available.
 	for {
 		conn, err := dialContext(ctx)
@@ -567,3 +586,105 @@ func isRetryableError(err error) bool {
 		// SSH server not ready yet (e.g. host key not generated on initial boot).
 		strings.HasSuffix(err.Error(), "no supported methods remain")
 }
+
+// UserPrivateKey returns the user's private key signer.
+// The public key is always installed in the VM.
+func UserPrivateKey() (ssh.Signer, error) {
+	configDir, err := dirnames.LimaConfigDir()
+	if err != nil {
+		return nil, err
+	}
+	privateKeyPath := filepath.Join(configDir, filenames.UserPrivateKey)
+	key, err := os.ReadFile(privateKeyPath)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read private key %q: %w", privateKeyPath, err)
+	}
+	signer, err := ssh.ParsePrivateKey(key)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse private key %q: %w", privateKeyPath, err)
+	}
+	return signer, nil
+}
+
+func HostKeyCheckerWithKeysInKnownHosts(instanceName string) (ssh.HostKeyCallback, error) {
+	publicKeys, err := PublicKeysFromKnownHosts(instanceName)
+	if err != nil {
+		return nil, err
+	}
+	return func(_ string, _ net.Addr, key ssh.PublicKey) error {
+		keyBytes := key.Marshal()
+		for _, pk := range publicKeys {
+			if bytes.Equal(keyBytes, pk.Marshal()) {
+				return nil
+			}
+		}
+		return errors.New("ssh: host key mismatch")
+	}, nil
+}
+
+// PublicKeysFromKnownHosts returns the public keys from the known_hosts file located in the instance directory.
+func PublicKeysFromKnownHosts(instanceName string) ([]ssh.PublicKey, error) {
+	// Load known_hosts from the instance directory
+	instanceDir, err := dirnames.InstanceDir(instanceName)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get instance dir for instance %q: %w", instanceName, err)
+	}
+	knownHostsPath := filepath.Join(instanceDir, filenames.SSHKnownHosts)
+	knownHostsBytes, err := os.ReadFile(knownHostsPath)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read known_hosts file at %s: %w", knownHostsPath, err)
+	}
+	var publicKeys []ssh.PublicKey
+	rest := knownHostsBytes
+	for len(rest) > 0 {
+		var publicKey ssh.PublicKey
+		publicKey, _, _, rest, err = ssh.ParseAuthorizedKey(rest)
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse public key from known_hosts file %s: %w", knownHostsPath, err)
+		}
+		publicKeys = append(publicKeys, publicKey)
+	}
+	return publicKeys, nil
+}
+
+// GenerateSSHHostKeys generates an Ed25519 host key pair for the SSH server.
+// The private key is returned in PEM format, and the public key.
+func GenerateSSHHostKeys(instDir, hostname string) (map[string]string, error) {
+	generators := map[string]func(io.Reader) (crypto.PrivateKey, error){
+		"ecdsa": func(rand io.Reader) (crypto.PrivateKey, error) {
+			return ecdsa.GenerateKey(elliptic.P256(), rand)
+		},
+		"ed25519": func(rand io.Reader) (crypto.PrivateKey, error) {
+			_, priv, err := ed25519.GenerateKey(rand)
+			return priv, err
+		},
+		"rsa": func(rand io.Reader) (crypto.PrivateKey, error) {
+			return rsa.GenerateKey(rand, 3072)
+		},
+	}
+	res := make(map[string]string, len(generators))
+	var sshKnownHosts []byte
+	for keyType, generator := range generators {
+		priv, err := generator(rand.Reader)
+		if err != nil {
+			return nil, err
+		}
+		privPem, err := ssh.MarshalPrivateKey(priv, hostname)
+		if err != nil {
+			return nil, fmt.Errorf("failed to marshal %s private key to PEM format: %w", keyType, err)
+		}
+		pub, err := ssh.NewPublicKey(priv.(crypto.Signer).Public())
+		if err != nil {
+			return nil, fmt.Errorf("failed to create ssh %s public key: %w", keyType, err)
+		}
+		res[keyType+"_private"] = string(pem.EncodeToMemory(privPem))
+		res[keyType+"_public"] = string(ssh.MarshalAuthorizedKey(pub))
+		sshKnownHosts = append(sshKnownHosts, knownhosts.Line([]string{hostname}, pub)...)
+		sshKnownHosts = append(sshKnownHosts, '\n')
+	}
+	knownHostsPath := filepath.Join(instDir, filenames.SSHKnownHosts)
+	if err := os.WriteFile(knownHostsPath, sshKnownHosts, 0o644); err != nil {
+		return nil, fmt.Errorf("failed to write known_hosts file at %s: %w", knownHostsPath, err)
+	}
+	return res, nil
+}