Setup a Kerberos server and use tickets. You do not need to arrange private/public keys on every server (host/vm's).
2012/3/22 Olivier Sallou <[email protected]> > > > Le 3/22/12 6:53 AM, biro lehel a écrit : > > Hello everyone, > > I'm looking for the most convenient setting to be able to passwordlessly > ssh between the VM's created by OpenNebula. I've noticed that the settings > which provide passwordless ssh from the Front-end (or Hosts) into VM's do > not deal with this, the system is still asking for a password if I want to > ssh from VM into VM. So, did I do something wrong, and in theory, the exact > same steps would need to be followed in case of VM's too, or is there some > trick? > > > To enable password less communication between VMs you need top create a > SSH key for a user (root?) that will be in all you VMs. > You should also disable in ssh_config the know_hosts feature (or redirect > it to /dev/null). > > For SSH there are multiple means. You create a VM with a SSH key inside, > the drawback is the SSH key is the same for all VMs e.g. all users, this is > not secure but for test only it would fit. > At boot time you load the ssh key for a file set in CONTEXT template, with > a key dedicated per user. Or, still at boot time, you trigger a server (you > made) to get a SSH key from the VM ip. > > Olivier > > > Thank you, > Lehel. > > > _______________________________________________ > Users mailing > [email protected]http://lists.opennebula.org/listinfo.cgi/users-opennebula.org > > > -- > Olivier Sallou > IRISA / University of Rennes 1 > Campus de Beaulieu, 35000 RENNES - FRANCE > Tel: 02.99.84.71.95 > > gpg key id: 4096R/326D8438 (keyring.debian.org) > Key fingerprint = 5FB4 6F83 D3B9 5204 6335 D26D 78DC 68DB 326D 8438 > > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org > >
_______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
