| I apologize for bringing such an old topic back up, but I encountered an issue related to this today. The problem I see is that jobs being run on an EC2 slave are able to obtain root privileges on that slave. This may be just fine for some setups, but it obviously has the potential to introduce quite a bit of irritation and chaos (or worse) as well. To prevent this, I would like to have the master connect to an ec2 slave using the configured remote user, but with a key separate from that which the instance was launched with. Using a base Ubuntu image as an example, I'm currently restricted to using 'ubuntu' as the remote user and connecting with the key the instance was launched with. Instead I would like to connect as 'jenkins' with some other key entirely (the assumption is that I created this user appropriately via user data, pre-baked ami, etc.). I could just generate an authorized_keys entry for that user by generating a public key from the private key, which I suppose is just fine, but it doesn't seem like an intuitive solution. |