Injecting public key into openbmc image for CI integration

Patrick Williams patrick at
Wed Oct 7 13:01:14 AEDT 2020

On Tue, Oct 06, 2020 at 05:45:07PM +0000, Verdun, Jean-Marie wrote:
Hi JM,

> I looked into openbmc and it doesn’t seem that there is any standard recipes to create a test user and inject into the account a public key. Does I am wrong ? I wrote a very basic recipe to make it happens, and was wondering if it could be relevant to upstream it ?

Yocto already has the 'extrausers' bbclass, which is typically inherited
by an image in order to add additional users.  What you are asking for
is slightly more than that because you also want an SSH pubkey, but it
doesn't seem to support that out of the box (it appears as if
EXTRA_USERS_PARAMS is a variable containing a shell-snippet, but the
bbclass explicitly prohibits arbitrary commands).  I think you could add
a new package to add your SSH key though.

What I would suggest you do is:

    - Create a bbclass that:
        1. leverages EXTRA_USERS_PARAMS to add your test user.
        2. adds a package to the image RDEPENDS to include your test ssh keys.

    - Submit said bbclass upstream here.

    - When you build your test images, append to conf/local.conf an
      INHERIT += "your-test-key.bbclass".

This will give others a pattern to follow for other networks /
configurations (by upstreaming it) and allow you to build special images
for test that include what you want and mostly leverage existing Yocto

Patrick Williams
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <>

More information about the openbmc mailing list