On 10/11/2010 06:24 PM, Scott Moser wrote: > It is in the FAQ. I'm probably sounding like a broken record to you, but as a general rule, I don't believe that people read documentation when it looks like they can accomplish what they want without it. Best to not have surprises or confusing features if you can avoid it, and in this case, it sounds like you can.
> The primary reason for > launching with a key was so we could debug if necessary, and explicitly so > that if the user was locked out (ie, no access to their published > launchpad keys), then we could ssh in, set a onetime password and show > that to the user. I believe it's better to err on the side of security than convenience here. This is how Amazon does it with EC2 in the larger scheme of things. If you lock yourself out, they cannot help you get access to your box no matter how important it is to you (generally). That's how important your security is to them and I'd love to see Canonical continue this level of trust. Again, I realize that this is just a simple trial, but if simple things are designed with security in mind from the beginning, then it will be easier to carry through to when those projects and ideas are used in larger, more important situations. > There is obviously trust in the launcher (Canonical) as they could have > done any nefarious things they wanted to the image. Obviously. And when I find that the launcher has put in place a clear back door for convenience, it increases the doubt that they may at some point add secret back doors for some other noble purpose. > The project is open source (AGPL) and available at > https://launchpad.net/awstrial nice. -- Eric Hammond -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
