juju does not extract system ssh fingerprints
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
High
|
Menno Finlay-Smits |
Bug Description
On first-time connect, the SSH host keys for machines are not known. This should be extracted from the system boot logs in EC2 and added to the user's known-hosts file automatically so that there is an end-to-end secure path to the EC2 instances, and they are not faced with:
$ juju bootstrap
2011-11-19 09:49:19,902 INFO Bootstrapping environment 'sample' (type: ec2)...
2011-11-19 09:49:22,348 INFO 'bootstrap' command finished successfully
$ juju status
2011-11-19 09:54:57,536 INFO Connecting to environment.
The authenticity of host 'ec2-50-
ECDSA key fingerprint is 4c:2a:68:
Are you sure you want to continue connecting (yes/no)?
visibility: | private → public |
Changed in juju-core: | |
importance: | Undecided → Medium |
status: | New → Confirmed |
Changed in juju-core: | |
milestone: | none → 2.0 |
Changed in juju-core: | |
status: | Confirmed → Triaged |
tags: | added: doc |
Changed in juju-core: | |
importance: | Medium → High |
Changed in juju: | |
status: | Confirmed → Triaged |
tags: | added: ssh |
Changed in juju: | |
importance: | Medium → Low |
Changed in juju-core: | |
importance: | High → Low |
tags: |
added: docs removed: doc |
Changed in juju-core: | |
importance: | Low → High |
Changed in juju-core: | |
milestone: | 2.0 → none |
importance: | High → Low |
Changed in juju-core: | |
milestone: | none → 1.25.0 |
Changed in juju-core: | |
importance: | Low → High |
Changed in juju-core: | |
milestone: | 1.25-alpha1 → 1.25-beta1 |
Changed in juju-core: | |
milestone: | 1.25-beta1 → 1.25-beta2 |
Changed in juju-core: | |
milestone: | 1.25-beta2 → none |
tags: | added: feature |
Changed in juju-core: | |
importance: | High → Medium |
no longer affects: | juju |
Changed in juju-core: | |
importance: | Medium → High |
status: | Triaged → In Progress |
assignee: | nobody → Menno Smits (menno.smits) |
milestone: | none → 2.0-beta7 |
Changed in juju-core: | |
milestone: | 2.0-beta7 → 2.0-beta8 |
Changed in juju-core: | |
status: | Fix Committed → Fix Released |
affects: | juju-core → juju |
Changed in juju: | |
milestone: | 2.0-beta8 → none |
milestone: | none → 2.0-beta8 |
For example:
$ ec2-get- console- output --region us-west-2 i-103fe910 | grep -m1 -A3 FINGERPRINTS 3a:a8:93: e1:1f:52: 6d:08:ff: 0a:a2:3d: eb /etc/ssh/ ssh_host_ rsa_key. pub (RSA) 89:6f:7b: 0a:a2:45: 78:d4:ee: a8:23:c0: 5c /etc/ssh/ ssh_host_ dsa_key. pub (DSA)
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 2048 f8:bf:48:
ec2: 1024 1d:a6:d9: