incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Prasanna Santhanam" <Prasanna.Santha...@citrix.com>
Subject Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default public/private ssh keys
Date Thu, 07 Mar 2013 08:59:13 GMT


> On March 4, 2013, 7:38 a.m., Dave Cahill wrote:
> > This looks good to me - and great to see someone is fixing it! 
> > 
> > One slightly strange edge case springs to mind - I think the behavior in this edge
case is fine, but wanted to bring it up explicitly just in case:
> > 
> > In KVM, if running management server as root, this will set /root/.ssh/id_rsa.pub.cloud
and /root/.ssh/id_rsa.cloud on management server startup.
> > 
> > If running on a single-node setup, the same machine (acting as host) will receive
the keys and set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud again, to the same
values. Again, I guess this is fine, but wanted to point out the filename clash.
> > 
> > 
> > 
> >
> 
> Prasanna Santhanam wrote:
>     It can go wrong and overwrite the keys within the KVM agent. May be a different name
will serve the purpose - something like id_rsa.devel instead of cloud since it affects only
the developer environment?
> 
> Harikrishna Patnala wrote:
>     It won't go wrong as it copies the same value on the same file. I think this name
(.cloud) serves our purpose.
> 
> Prasanna Santhanam wrote:
>     Ok got it. But is this something you want to push for 4.1? I'll apply it on master
shortly.

Hari - minor fix. The suffix should be .pub and not .cloud. Generated keys have .pub at the
end. Can you resubmit this? THanks


- Prasanna


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17325
-----------------------------------------------------------


On March 4, 2013, 7:22 a.m., Harikrishna Patnala wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
> 
> (Updated March 4, 2013, 7:22 a.m.)
> 
> 
> Review request for cloudstack and Abhinandan Prateek.
> 
> 
> Description
> -------
> 
> SSH keys overwritten for user running management server.
> 
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
> 
> 
> This addresses bug CLOUDSTACK-1013.
> 
> 
> Diffs
> -----
> 
>   server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2 
> 
> Diff: https://reviews.apache.org/r/9727/diff/
> 
> 
> Testing
> -------
> 
> Tested locally
> 
> 
> Thanks,
> 
> Harikrishna Patnala
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message