Github user nchammas commented on a diff in the pull request:
https://github.com/apache/spark/pull/4162#discussion_r23499969
--- Diff: ec2/spark_ec2.py ---
@@ -349,6 +350,15 @@ def launch_cluster(conn, opts, cluster_name):
if opts.identity_file is None:
print >> stderr, "ERROR: Must provide an identity file (-i) for
ssh connections."
sys.exit(1)
+
+ if not os.path.exists(opts.identify_file):
+ print >> stderr, "ERROR: The identity file(%s) doesn't exist." %
opts.identity_file
+ sys.exit(1)
+
+ if oct(os.stat(opts.identity_file).st_mode)[-3:] != "600":
--- End diff --
I don't think this is correct. 600 means the file is readable and writable
only by the owner, which is fine. But 400 is also a secure mask. 400 means that
only the owner can read it (no write permissions). Furthermore, [Amazon
recommends](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html)
setting the mask to 400.
I suggest changing this to check for 400, like in Amazon's documentation.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
