Eucalyptus

Make key injection destination configurable

Bug #784769 reported by Garrett Holmstrom on 2011-05-18

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Eucalyptus	New	Wishlist	Dmitrii Zagorodnov

Bug Description

The typical EC2 image contains an init script that downloads SSH keys to whichever place on the instance's filesystem makes sense. This also works in Eucalyptus's managed mode. Eucalyptus, however, overwrites /root/.ssh/authorized_keys when a new instance starts whenever the NC is capable of mounting the root filesystem. While useful, this key injection makes a few assumptions:

* Images are always configured to allow root to log in via SSH
* Images never contain SSH keys in /root/.ssh/authorized_keys
* In managed mode, users always want Eucalyptus to inject keys instead of, or in addition to, downloading them via scripts baked into images as they do on EC2

Making the location that the SSH keys go configurable should make it possible to log in as a non-root user via the key-injection mechanism. In addition, it would provide an easy way to skip key injection altogether should an image not require it.

Dmitrii Zagorodnov (dmitrii) on 2011-05-23

Changed in eucalyptus:
assignee:	nobody → Dmitrii Zagorodnov (dmitrii)

Revision history for this message

Andy Grimm (agrimm) wrote on 2012-07-11:

This issue is now being tracked upstream at http://eucalyptus.atlassian.net/browse/EUCA-2772

Please watch that issue for further updates.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.