incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chip Childers <>
Subject Re: SystemVM ISO on KVM
Date Tue, 19 Feb 2013 13:49:28 GMT
On Tue, Feb 19, 2013 at 06:07:26PM +0900, Dave Cahill wrote:
> Hi,
> Working on CloudStack in development mode (using jetty to run the
> management server), I noticed that the Host's SSH keypairs and those in the
> system VM ISO easily get out of sync.
> After every database redeploy, the the management server generates a new
> SSH keypair because the "ssh.privatekey" and "ssh.publickey" configuration
> entries are gone from the database.
> Once these new keypairs are generated, the management server:
> * Writes the new keypair to disk on the management server node
> (~/.ssh/id_rsa)
>     As an aside, this overwrites the user's existing SSH keys; we discussed
> this back in November [1], but didn't come to a conclusion
> * Writes the new keypair to the database ("ssh.privatekey" and
> "ssh.publickey" configuration entries)
> * Injects the new keypair into systemvm.iso on the management server
> * Overwrites /root/.ssh/ on the Host with the new keypair (via
> the agent on the Host)

Can you file a bug for both of these issues?  They have come up a couple of 
times, and should probably be addressed.

> In other words, it automatically overwrites the ssh keypair on the Host,
> but doesn't automatically overwrite systemvm.iso on the Host as far as I
> can see. This means the keypair and the systemvm ISO are out of sync on the
> Host, and sshing into system vms using /root/,ssh/ doesn't work.
> To get around this, I scp the new systemvm.iso across to the Host after
> redeploying the database and starting the management server for the first
> time, and before setting up the Host on the management server side.
> Is there a better way?
> Thanks,
> Dave.
> [1] [DISCUSS] SSH keys overwritten for user running management server

View raw message