Key injection should be configurable

Bug #683525 reported by Soren Hansen
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Confirmed
Wishlist
Unassigned

Bug Description

At the moment (r430-ish), we unconditionally inject ssh keys (if such a reference is passed in RunInstances) into the guest filesystem's /root/.ssh/authorized_keys.

There needs to be a way to disable this behaviour.

Revision history for this message
Scott Moser (smoser) wrote :

I would suggest that key injection should be turned off by default.

The hypervisor (or cloud platform) should not need to know anything about the instances it is starting.

key injection is actually a bug, where by openstack is doing something possibly against the AMI author's wishes.

Revision history for this message
Vish Ishaya (vishvananda) wrote : Re: [Bug 683525] Re: Key injection should be configurable

I agree with this once we have a decent library of images of various distros
with proper startup scripts and a reliable metadata server that works
without complex configuration in all networking modes
On Dec 2, 2010 5:35 PM, "Scott Moser" <email address hidden> wrote:
> I would suggest that key injection should be turned off by default.
>
> The hypervisor (or cloud platform) should not need to know anything
> about the instances it is starting.
>
> key injection is actually a bug, where by openstack is doing something
> possibly against the AMI author's wishes.
>
> --
> You received this bug notification because you are a member of Nova
> Bugs, which is subscribed to OpenStack Compute (nova).
> https://bugs.launchpad.net/bugs/683525
>
> Title:
> Key injection should be configurable
>
> Status in OpenStack Compute (Nova):
> New
>
> Bug description:
> At the moment (r430-ish), we unconditionally inject ssh keys (if such a
reference is passed in RunInstances) into the guest filesystem's
/root/.ssh/authorized_keys.
>
> There needs to be a way to disable this behaviour.
>
>

Revision history for this message
Scott Moser (smoser) wrote :

I think ideally this is configurable on a per-ami or per-instance level. Having a global switch of "inject keys" means that AMIs that have explicitly disabled root login (like the Ubuntu ones) are in a sense violated if *any* image you want to run does not support pulling keys from a metadata service.

If you believe that you have to support image manipulation by the host (which i generally disagree with), then I think that per-ami is probably the right level, and turn it off by default.

Thierry Carrez (ttx)
Changed in nova:
importance: Undecided → Wishlist
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.