Eucalyptus key issue

teddy teddymills-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Wed Mar 5 08:24:00 UTC 2014 

Can you create a common user account with sudo admin to root access on 
all your instances ?

Then you will not have to worry about keypairs.
Then enable or disable a user account or its passwd.

As you know once you send out a PEM or keypair,
it is hassle to invalidate the correct one.



On 3/4/2014 10:30 AM, Renata Rocha wrote:
> I'm working with security groups already. It seems to give me to options:
>
> 1. I either have security group demo, key demo, and have all instances
> based on it and share this key with the group
>
> 2. I create a bunch of demo1-demoN keys and create instances created
> accordingly, give a demo key to each instance owner, and keep them on
> my records to access them.
>
> I'm not very satisfied by these solutions.
> Renata Rocha
> http://renata.org
>
>
> On Tue, Mar 4, 2014 at 10:13 AM, David Thornton <northdot9-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
>> quick google,
>>
>> Looks like you use "security groups" to manage a bunch of machines with the
>> same key pair.
>>
>> https://www.eucalyptus.com/book/export/html/2746
>>
>> David
>>
>>
>> On Tue, Mar 4, 2014 at 9:22 AM, Renata Rocha <natzilla-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
>>> Does anyone here have experience with Eucalyptus?
>>>
>>> I have a private cloud, and, from my understanding, every time you
>>> create an instance, it's generated with its own keypair (that you have
>>> previously created) so the instance is secure.
>>>
>>> My issue is not having a master key or some user who has access to all
>>> instances as root or something, as, according to my setup, I'd need to
>>> constantly run database updates from the CC to the instances. The
>>> instances are independent, but I'd like to have the ability to have
>>> root on them, too.
>>>
>>> Any suggestions on how to solve this?
>>>
>>> Thanks.
>>>
>>> Renata Rocha
>>> http://renata.org
>>> --
>>> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
>>> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
>>> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>>
> --
> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list