On Thu, Dec 06, 2012 at 04:15:49PM +0100, Holger Levsen wrote:
> On Thursday, 6 December 2012, Charles Plessy wrote:
> >
> > but at the very minimum, I
> > think that an image needs a system to make sure that one can log in with a
> > keypair where the private part is available to the machine via a
> > predetermined URL (that the cloud system makes private to the running
> > instance).
>
> where do you want to provide the private keys? (I don't get it, from a general
> perspective...) Can you please explain?

Hi Holger,

Sorry, I confused public and private in my previous answer.

On the clouds implementing the EC2 API, the user can create a key pair in the cloud infrastructure, retrieve the private key on his computer, and make the public key available as metadata to an instance he launched. The cloud infrastructure guarantees that the private key is never seen by third parties. It also guarantees that the instance metadata will not contain other public keys.

This implements a system where a user can start an instance where no password or key is stored in the image, and only he can log in to a predetermined account with a key pair he chose.

Cheers,

-- 
Charles Plessy
Tsurumi, Kanagawa, Japan
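
An added example, not part of the original message or of any Debian image tooling: a first-boot helper sketching how an image that ships no password and no key could install the launch key from instance metadata. The URL is the EC2-style metadata path for the first public key; the account home `/home/admin` is a hypothetical placeholder.

```shell
#!/bin/sh
# Added example. Assumptions: EC2-style metadata path; "admin" account is hypothetical.
METADATA_KEY_URL="http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key"

# valid_pubkey KEY: succeed only if KEY is exactly one OpenSSH public key line
# with no options prefix (command=, from=, ...), so metadata cannot smuggle in
# extra keys or forced commands.
valid_pubkey() {
    case $1 in
        *"
"*) return 1 ;;   # more than one line
    esac
    printf '%s\n' "$1" | grep -Eq \
        '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,3}( [^[:cntrl:]]*)?$'
}

# install_key HOME_DIR KEY: make KEY the only authorized key under HOME_DIR.
# The file is written to a temporary name and renamed, so a rejected or
# interrupted run never leaves a partial authorized_keys behind.
install_key() {
    home=$1
    key=$2
    valid_pubkey "$key" || { echo "metadata is not a single public key" >&2; return 1; }
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || return 1
    tmp=$(mktemp "$home/.ssh/authorized_keys.XXXXXX") || return 1
    printf '%s\n' "$key" > "$tmp" && chmod 600 "$tmp" \
        && mv "$tmp" "$home/.ssh/authorized_keys"
}

# fetch_key: read the public key that the cloud exposes to this instance only.
fetch_key() {
    curl --silent --fail --max-time 5 "$METADATA_KEY_URL"
}

# First-boot usage (as root, then chown -R the .ssh directory to the account):
#   key=$(fetch_key) && install_key /home/admin "$key"
```
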
