image: T5455: Add migration of SSH known_hosts files during upgrade

[alexandr-san4ez]

Change summary

During upgrade, the script now checks if any known_hosts files exist. If so, it prompts the user to save these SSH fingerprints, and upon confirmation, copies the files to the new image persistence directory.

Would you like to copy SSH host keys? [Y/n]
Copying SSH host keys
Would you like to save the SSH known hosts (fingerprints) from your current configuration? [Y/n]
Copying SSH known hosts
Copying system image files

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Code style update (formatting, renaming)
• Refactoring (no functional changes)
• Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
• Other (please describe):

Related Task(s)

• https://vyos.dev/T5455

How to test / Smoketest result

Ensure known_hosts files exist for root or users, then run the upgrade and confirm you’re prompted to migrate them. After choosing Yes, verify the files are copied; with No or no files, they should not be migrated or prompted.

vyos@vyos:~$ touch /home/vyos/.ssh/known_hosts
vyos@vyos:~$ sudo touch /root/.ssh/known_hosts
vyos@vyos:~$ add system image vyos-1.5-rolling-202508251355-generic-amd64.iso
Validating image compatibility
Validating image checksums
What would you like to name this image? (Default: 1.5-rolling-202508251355) test1
Would you like to set the new image as the default one for boot? [Y/n] Y
An active configuration was found. Would you like to copy it to the new image? [Y/n] Y
Copying configuration directory
Would you like to copy SSH host keys? [Y/n] Y
Copying SSH host keys
Would you like to save the SSH known hosts (fingerprints) from your current configuration? [Y/n] Y
Copying SSH known hosts
Copying system image files
Cleaning up
Unmounting target filesystems
Removing temporary files
vyos@vyos:~$ sudo reboot now
...
vyos@vyos:~$ find /etc /home /root -name known_hosts 2>/dev/null
/home/vyos/.ssh/known_hosts
/root/.ssh/known_hosts

Checklist:

• I have read the CONTRIBUTING document
• I have linked this PR to one or more Phabricator Task(s)
• I have run the components SMOKETESTS if applicable
• My commit headlines contain a valid Task id
• My change requires a change to the documentation
• I have updated the documentation accordingly

[github-actions]

👍
No issues in PR Title / Commit Title

[Copilot]

Pull Request Overview

This PR adds functionality to migrate SSH known_hosts files during VyOS system image upgrades. The migration preserves SSH fingerprints from the current configuration to the new image, preventing the need to re-verify SSH connections after upgrade.

• Implements detection and migration of known_hosts files for root and all users
• Adds user prompts during upgrade to confirm migration of SSH known hosts
• Integrates the migration process into the existing image installation workflow

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[c-po]

Other then the tree minor changes in placing imports on their own line - code looks good.

[c-po]

All requested changes added. Change looks good.

[jestabro]

I see one problem with this: by implicitly creating the home directories in the persistence directory
/usr/lib/live/mount/persistence/boot/my-new-image-name/rw
during add system image, the useradd in system_login.py on first boot into the new image will avoid copying skeleton files. The warning is not recorded, but an analogous situation is, say:

vyos@vyos:~$ sudo mkdir /home/bob
vyos@vyos:~$ sudo useradd --create-home --home /home/bob bob
useradd: warning: the home directory /home/bob already exists.
useradd: Not copying any file from skel directory into it.

The result in my test is that, on booting into the new image, one sees:

vyos@vyos:~$ show version

  Invalid command: [show]

vyos@vyos:~$ pwd
/home/vyos
vyos@vyos:~$ ls -la
total 16
drwxr-xr-x 3 vyos root  4096 Aug 29 17:56 .
drwxr-xr-x 1 root root  4096 Aug 29 17:41 ..
-rw------- 1 vyos users  224 Aug 29 17:56 .bash_history
drwxr-xr-x 2 vyos root  4096 Aug 29 17:47 .ssh
-rw-r--r-- 1 vyos users    0 Aug 29 17:47 .sudo_as_admin_successful

so, no .bashrc etc, hence no completions.

Updating the image with this PR but without copying the known_hosts files returns normal behavior in the new image.

So, I don't have a concrete suggestion yet, but do want to point out the issue.

[alexandr-san4ez]

@jestabro thanks for finding this because I missed it. I will prepare fix for this PR.

[github-actions]

This pull request has conflicts, please resolve those before we can evaluate the pull request.

[alexandr-san4ez]

@jestabro thanks for finding this because I missed it. I will prepare fix for this PR.

Fix: Preserve existing home directory when adding user by backing up and restoring its contents after useradd to prevent data loss.

[github-actions]

Conflicts have been resolved. A maintainer will review the pull request shortly.

[jestabro]

Re-running failed jobs, as a check; all passed in a local test. Review pending.

[jestabro]

The current version exposes an interesting issue (not directly related to the PR), as well as having a critical issue itself --- on a system with the PR, before any upgrade, one has (with my added 'DEBUG print' lines):

vyos@vyos:~$ ls -lart
total 80
-rw-r--r-- 1 vyos users       675 Sep 10  2023 .profile
-rw-r--r-- 1 vyos users      4131 Sep 10  2023 .bashrc
-rw-r--r-- 1 vyos users       220 Apr 18 22:47 .bash_logout
-rw-r--r-- 1 vyos users         0 Sep  5 16:43 .sudo_as_admin_successful
-rw-r--r-- 1 vyos users       582 Sep  5 16:44 vyos-vimrc
-rw-r--r-- 1 vyos users       582 Sep  5 16:44 .vimrc
-rw------- 1 vyos users       923 Sep  5 16:45 .viminfo
-rw-r--r-- 1 vyos users      8070 Sep  5 18:20 file.py
drwxr-xr-x 2 vyos users      4096 Sep  5 18:40 .ssh
drwxr-xr-x 1 root root       4096 Sep  5 18:40 ..
-rw------- 1 vyos vyattacfg    20 Sep  5 18:44 .lesshst
drwxr-xr-x 3 vyos users      4096 Sep  5 18:44 .
-rw------- 1 vyos users     27764 Sep  5 18:44 .bash_history
vyos@vyos:~$ config
[edit]
vyos@vyos# set system login user jestabro authentication public-keys jestabro@homonoia type ssh-ed25519
[edit]
vyos@vyos# set system login user jestabro authentication public-keys jestabro@homonoia key AAAAC3NzaC1lZDI1NTE5AAAAIBLCU6nIgzNxgxPniBpwoOxS7uG9xCLCWf2sp9292Wti
[edit]
vyos@vyos# commit
[ system login ]
DEBUG print: command is useradd --create-home --no-user-group  --shell /bin/vbash --password '!' --home '/home/jestabro' --groups frr,frrvty,vyattacfg,sudo,adm,dip,disk,_kea jestabro
DEBUG print: command is usermod --shell /bin/vbash --home '/home/vyos' --groups frr,frrvty,vyattacfg,sudo,adm,dip,disk,_kea vyos

shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
[edit]
vyos@vyos# ls -lart
total 0
[edit]

(1) cd'ing away from the directory and back will find expected files
(2) note that system_login.py will apply to the full config under the node ['system', 'login'], hence a change to one user will lead to move/restore of all home directories of current users, as seen in the example above (this is the exposed issue: independent of the current PR, we may want to consider a refinement here with node_changed or similar, later; note that does not avoid the issues here)
(3) one could consider the alternative of explicitly copying the skel files only in the case of useradd, however, I have no strong opinion either way, yet
(4) it is not surprising that this is non-trivial, however, it is a worthwhile problem to get right, so as to open the possibility of migrating (a limited amount of) other user home dir data

[jestabro]

Cf. comment above

[alexandr-san4ez]

I've simplified the approach to saving user's files a bit.
Now the files will be saved to a temporary directory (/var/.users_backups/{user} where user is name of user) and restored when the user is first created (command == useradd).

I'm not sure about naming of temporary directory (/var/.users_backups) and I would be grateful for your suggestions.

[jestabro]

Simple tests of upgrade now pass.

[alexandr-san4ez]

@c-po could you look at this PR again because I have changed the original approach.

[github-actions]

This pull request has conflicts, please resolve those before we can evaluate the pull request.

[github-actions]

Conflicts have been resolved. A maintainer will review the pull request shortly.

[github-actions]

This pull request has conflicts, please resolve those before we can evaluate the pull request.

[github-actions]

Conflicts have been resolved. A maintainer will review the pull request shortly.

[github-actions]

This pull request has conflicts, please resolve those before we can evaluate the pull request.

[github-actions]

Conflicts have been resolved. A maintainer will review the pull request shortly.

[github-actions]

CI integration 👍 passed!

Details

CI logs

• CLI Smoketests (no interfaces) 👍 passed
• CLI Smoketests VPP 👍 passed
• CLI Smoketests (interfaces only) 👍 passed
• Config tests 👍 passed
• Config tests VPP 👍 passed
• RAID1 tests 👍 passed
• TPM tests 👍 passed