console_conf: identity: move strict confinement handling to ssh

Signed-off-by: Ondrej Kubik <ondrej.kubik@canonical.com>

console_conf/controllers/identity.py

@@ -19,7 +19,6 @@ import os
 import pwd
 import shlex
 import sys
-from pathlib import Path
 
 from console_conf.ui.views import IdentityView, LoginView
 from subiquitycore.snapd import SnapdConnection
@@ -117,16 +116,6 @@ def write_login_details(fp, username, ips):
         )
     else:
         first_ip = ips[0]
-        key_info = None
-        if os.getenv("SNAP_CONFINEMENT", "classic") == "strict":
-            # if we run in confinement, we have no direct accesss to host
-            # keys info use prepared finger prints if exist
-            host_fingerprints_path = "/run/console-conf/host-fingerprints.txt"
-            host_fingerprints = Path(host_fingerprints_path)
-            if host_fingerprints.is_file():
-                fingerprints = open(host_fingerprints_path, "r")
-                key_info = fingerprints.read()
-        else:
         key_info = host_key_info()
         fp.write(
             login_details_tmpl.format(

subiquitycore/ssh.py

@@ -16,6 +16,7 @@
 import logging
 import os
 import pwd
+from pathlib import Path
 
 from subiquitycore.utils import run_command
 
@@ -77,6 +78,16 @@ The {keytype} host key fingerprint is:
 
 
 def host_key_info():
+    if os.getenv("SNAP_CONFINEMENT", "classic") == "strict":
+        # if we run in confinement, we have no direct accesss to host
+        # keys info use prepared finger prints if exist
+        snap_name = os.getenv("SNAP_NAME", "classic")
+        host_fingerprints = Path("/run/" + snap_name + "/host-fingerprints.txt")
+        if host_fingerprints.is_file():
+            fingerprints = open(host_fingerprints, "r")
+            return fingerprints.read()
+        return ""
+    else:
         return summarize_host_keys(host_key_fingerprints())