Injecting public key into openbmc image for CI integration

Verdun, Jean-Marie jean-marie.verdun at
Wed Oct 7 13:09:54 AEDT 2020

Hi Patrick,

Thanks for the feedback. I will follow your recommendations. I did implemented my initial recipes by using the extra users params to create the test user. So I will integrate that into a bbclass and propose a solution to upstream this code.


On 10/6/20, 7:01 PM, "Patrick Williams" <patrick at> wrote:

    On Tue, Oct 06, 2020 at 05:45:07PM +0000, Verdun, Jean-Marie wrote:
    Hi JM,

    > I looked into openbmc and it doesn’t seem that there is any standard recipes to create a test user and inject into the account a public key. Does I am wrong ? I wrote a very basic recipe to make it happens, and was wondering if it could be relevant to upstream it ?

    Yocto already has the 'extrausers' bbclass, which is typically inherited
    by an image in order to add additional users.  What you are asking for
    is slightly more than that because you also want an SSH pubkey, but it
    doesn't seem to support that out of the box (it appears as if
    EXTRA_USERS_PARAMS is a variable containing a shell-snippet, but the
    bbclass explicitly prohibits arbitrary commands).  I think you could add
    a new package to add your SSH key though.

    What I would suggest you do is:

        - Create a bbclass that:
            1. leverages EXTRA_USERS_PARAMS to add your test user.
            2. adds a package to the image RDEPENDS to include your test ssh keys.

        - Submit said bbclass upstream here.

        - When you build your test images, append to conf/local.conf an
          INHERIT += "your-test-key.bbclass".

    This will give others a pattern to follow for other networks /
    configurations (by upstreaming it) and allow you to build special images
    for test that include what you want and mostly leverage existing Yocto

    Patrick Williams

More information about the openbmc mailing list