Need a way to manage SSH keys in a juju environment.

Bug #834930 reported by Clint Byrum on 2011-08-26
This bug affects 14 people
Affects              Importance   Assigned to
juju-core            High         Ian Booth
juju-gui             Low          Unassigned
pyjuju               Low          Unassigned
juju-core (Ubuntu)   Undecided    Unassigned
juju-gui (Ubuntu)    Undecided    Unassigned

Bug Description

Currently the key you created the environment with is the only one you can ever use to access the environment. This is unrealistic to expect with any kind of teams working on environments, and is also a security risk because one cannot update a compromised key.

Ensemble should actively manage a list of keys that are allowed to ssh to machines in the environment, and provide tools for updating that list.

Juan L. Negron (negronjl) wrote :

+1

Thanks,

Juan

Changed in juju:
status: New → Confirmed
importance: Undecided → Medium
tags: added: production
summary: - Need a way to manage SSH keys in an ensemble environment.
+ Need a way to manage SSH keys in a juju environment.
Dustin Kirkland (kirkland) wrote :

Please consider the use of the ssh-import-id utility, which is part of every Ubuntu cloud image, and is tightly integrated into cloud-init. By default, it securely retrieves public SSH keys from Launchpad.net, but that's configurable and it can retrieve those from anywhere.

Clint Byrum (clint-fewbar) wrote :

I kind of doubt that a large proportion of our users have launchpad accounts with SSH keys attached. Assuming that would put a pretty big burden on users to sign up for LP, and would disallow disconnected operation.

What's needed is to have a set of CLI commands to do CRUD ops on an environment's list of SSH keys that are allowed to be used in the environment, and let the agents put them in place.

Clint Byrum (clint-fewbar) wrote :
Changed in juju:
milestone: none → honolulu
Clint Byrum (clint-fewbar) wrote :

As a workaround for not having this, a subordinate charm can be used.

The basic gist would be:

* sub charm has config option for allowed SSH keys
* deploy/relate it to all nodes
* juju set my-ssh-keys authorized_keys=`cat /the/true/list`

The config-changed hook can then update all machines' ssh keys to the ones given in authorized_keys.

The only trouble here is you will have to manually update the key on node 0, *or* deploy a dummy service to it with "placement: local" which can then have the my-ssh-keys subordinate related to it.
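As an added illustration of the subordinate-charm workaround described above (example code written for this page, not code from this bug or from any real charm), here is a config-changed hook that takes the authorized_keys option, keeps only well-formed OpenSSH public keys so that a key-options prefix cannot be smuggled in through the config value, writes the file atomically with owner-only permissions, and refuses to install an empty list so that a bad value cannot lock every operator out. The charm name, the option name and the target path are assumptions.

```shell
#!/bin/sh
# config-changed hook for a hypothetical "my-ssh-keys" subordinate charm.
# Assumes a charm config option "authorized_keys" holding one public key
# per line (constructed for this example, not a real charm's schema).
set -eu

# Accept only lines shaped like "<keytype> <base64> [comment]". Lines with a
# leading options field (command=..., permitopen=...) or arbitrary text are
# dropped, so the config value can only add plain keys.
filter_keys() {
    grep -E '^(ssh-(rsa|ed25519|dss)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' || true
}

# install_keys <target file> <candidate keys, newline separated>
# Replaces the target atomically with the accepted keys and prints how many
# were installed. Returns 1 (leaving the old file untouched) if nothing
# valid remained, so an empty or garbled option never empties the file.
install_keys() {
    target="$1"
    keys="$2"
    accepted=$(printf '%s\n' "$keys" | filter_keys)
    if [ -z "$accepted" ]; then
        echo "refusing to install an empty authorized_keys for $target" >&2
        return 1
    fi
    tmp="$target.tmp.$$"
    printf '%s\n' "$accepted" > "$tmp"
    chmod 600 "$tmp"            # owner-only, as sshd expects
    mv "$tmp" "$target"         # rename is atomic on the same filesystem
    printf '%s\n' "$accepted" | wc -l | tr -d ' '
}

# Real hook entry point: config-get only exists inside a Juju hook context,
# so it is guarded and nothing runs when the script is sourced elsewhere.
if command -v config-get >/dev/null 2>&1; then
    install_keys /home/ubuntu/.ssh/authorized_keys "$(config-get authorized_keys)"
fi
```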

Let's please not add a core feature for this before the Go port is live.

gustavo @ http://niemeyer.net
On Apr 26, 2012 12:16 PM, "Clint Byrum" <email address hidden> wrote:

> As a workaround for not having this, a subordinate charm can be used.
>
> The basic gist would be:
>
> * sub charm has config option for allowed SSH keys
> * deploy/relate it to all nodes
> * juju set my-ssh-keys authorized_keys=`cat /the/true/list`
>
> The config-changed hook can then update all machines' ssh keys to the
> ones given in authorized_keys.
>
> The only trouble here is you will have to manually update the key on
> node 0, *or* deploy a dummy service to it with "placement: local" which
> can then have the my-ssh-keys subordinate related to it.
>

Changed in juju:
milestone: 0.6 → none
Martin Packman (gz) on 2012-10-25
Changed in juju-core:
importance: Undecided → Medium
status: New → Confirmed
Changed in juju-core:
milestone: none → 2.0
Changed in juju-core:
status: Confirmed → Triaged
Peter Waller (peter.waller) wrote :

Any chance of this one seeing some love? I personally can't currently deploy servers because of it (they come up with a set of keys which doesn't include mine), nor can our organization revoke a compromised key.

Jonathan Davies (jpds) on 2013-09-24
tags: added: cts
Curtis Hovey (sinzui) on 2013-10-11
Changed in juju-core:
importance: Medium → High
Curtis Hovey (sinzui) on 2013-10-12
Changed in juju:
status: Confirmed → Triaged
Curtis Hovey (sinzui) on 2013-10-12
tags: added: ssh
Curtis Hovey (sinzui) on 2013-10-15
Changed in juju:
importance: Medium → Low
Curtis Hovey (sinzui) on 2013-10-17
tags: added: cts-cloud-review
removed: cts
Ian Booth (wallyworld) on 2013-12-02
Changed in juju:
status: Triaged → Won't Fix
Changed in juju-core:
assignee: nobody → Ian Booth (wallyworld)
status: Triaged → In Progress
Ian Booth (wallyworld) on 2013-12-13
Changed in juju-core:
milestone: 2.0 → 1.17.0
status: In Progress → Fix Committed
Curtis Hovey (sinzui) on 2013-12-20
Changed in juju-core:
status: Fix Committed → Fix Released
Marius B. Kotsbak (mariusko) wrote :

Seems like this isn't released in Trusty yet.

Also added task for juju-gui, as this should have GUI support too, to be attractive for the users.

Gary Poster (gary) wrote :

+1 on adding to GUI. Priority-wise I think it goes after a decent chunk of other goals, but it definitely fits into what we've said we want the GUI to accomplish, and if we see a way to fit it in quickly hopefully we can.

Changed in juju-gui:
status: New → Triaged
importance: Undecided → Low
Changed in juju-gui (Ubuntu):
status: New → Confirmed
Robie Basak (racb) on 2014-02-03
Changed in juju-core (Ubuntu):
status: New → Triaged
Changed in juju-gui (Ubuntu):
status: Confirmed → Triaged
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package juju-core - 1.17.3-0ubuntu1

---------------
juju-core (1.17.3-0ubuntu1) trusty; urgency=medium

  * New upstream point release (LP: #1271941, #834930, #1240667, #1274210):
    - https://launchpad.net/juju-core/trunk/1.17.3
 -- James Page <email address hidden> Mon, 24 Feb 2014 09:19:55 +0000

Changed in juju-core (Ubuntu):
status: Triaged → Fix Released
tags: added: canonical-is