From 53eb49180e16e1cc740695bb9cdb381becfd59a1 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 12 Jul 2018 13:57:19 +0100
Subject: [PATCH] aws: Install SSH keys only for setup user

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 src/initscripts/helper/aws-setup | 29 +++++++++++++----------------
 1 file changed, 13 insertions(+), 16 deletions(-)

diff --git a/src/initscripts/helper/aws-setup b/src/initscripts/helper/aws-setup
index 125cacc1f8..0d85a44e43 100644
--- a/src/initscripts/helper/aws-setup
+++ b/src/initscripts/helper/aws-setup
@@ -89,22 +89,19 @@ import_aws_configuration() {
 		useradd setup -s /usr/bin/run-setup -g nobody -m
 	fi
 
-	# Import SSH keys
-	local user
-	for user in /root /home/setup; do
-		local line
-		for line in $(get "public-keys/"); do
-			local key_no="${line%=*}"
-
-			local key="$(get public-keys/${key_no}/openssh-key)"
-			if [ -n "${key}" ] && ! grep -q "^${key}$" "${user}/.ssh/authorized_keys" 2>/dev/null; then
-				mkdir -p "${user}/.ssh"
-				chmod 700 "${user}/.ssh"
-
-				echo "${key}" >> "${user}/.ssh/authorized_keys"
-				chmod 600 "${user}/.ssh/authorized_keys"
-			fi
-		done
+	# Import SSH keys for setup user
+	local line
+	for line in $(get "public-keys/"); do
+		local key_no="${line%=*}"
+
+		local key="$(get public-keys/${key_no}/openssh-key)"
+		if [ -n "${key}" ] && ! grep -q "^${key}$" "/home/setup/.ssh/authorized_keys" 2>/dev/null; then
+			mkdir -p "/home/setup/.ssh"
+			chmod 700 "/home/setup/.ssh"
+
+			echo "${key}" >> "/home/setup/.ssh/authorized_keys"
+			chmod 600 "/home/setup/.ssh/authorized_keys"
+		fi
 	done
 
 	# Import any DNS server settings
-- 
2.39.5