Synchronize Loses SSH Keys?


project...@googlemail.com

Jun 2, 2009, 8:54:32 AM
to scalr-discuss
Hi,

I'm setting up SSH between two instances. I'm using:

ssh-keygen -t rsa

To get my public/private key pair then pushing that over to my remote
server using:

ssh-copy-id -i ~/.ssh/id_rsa.pub my_user@my_remoteserver.com

When I then test ssh it works fine. I synchronize my remote instance
and test ssh again, it still works. When I synchronize my local
instance though SSH has stopped working when the instance comes back
up. I'm prompted for a password instead of it accepting the
connection.

Can anyone help please?

Nickolas Toursky

Jun 2, 2009, 9:38:31 AM
to scalr-...@googlegroups.com
Hi,

/root/.ssh/ is omitted during synchronize. I'd suggest you place
your keys in a different location.

Nick

project...@googlemail.com

Jun 2, 2009, 9:43:27 AM
to scalr-discuss
Ok thanks. I think I'd just come to that realisation! Can I ask why
/root/.ssh is excluded, out of interest?

On Jun 2, 2:38 pm, Nickolas Toursky <hin...@gmail.com> wrote:
> Hi,
>
> /root/.ssh/ is omitted during synchronize. I'd suggest you place
> your keys in a different location.
>
> Nick
>
> On Tue, Jun 2, 2009 at 3:54 PM, project.auth...@googlemail.com

Nickolas Toursky

Jun 2, 2009, 10:28:15 AM
to scalr-...@googlegroups.com
So the keys for the wrong farms or users (in the case of shared roles)
do not persist through synchronize.

Alex Kovalyov

Jun 3, 2009, 8:22:56 AM
to scalr-discuss


On Jun 2, 16:43, "project.auth...@googlemail.com"
<project.auth...@googlemail.com> wrote:
> Ok thanks. I think I'd just come to that realisation! Can I ask why
> /root/.ssh is excluded, out of interest?

To prevent someone who gains access to your AMI from reading sensitive
data.

Donovan Bray

Jun 3, 2009, 10:33:24 AM
to scalr-...@googlegroups.com
I resolved this issue by copying the keys to a different directory,
then created a bash script that used the boot_finished hook to copy
them in place.

On Jun 3, 2009, at 5:22 AM, Alex Kovalyov <alex.k...@gmail.com>
wrote:

donnoman

Jun 26, 2009, 12:22:25 PM
to scalr-discuss
Our Capistrano tasks that deal with root's keys.

=== scalr.rb ===

Capistrano::Configuration.instance(:must_exist).load do

  set :scalr_user_code, '/usr/local/aws/user'

  namespace :scalr do

    desc "Upload custom event handler for hostup"
    task :on_hostup, :roles => [:app, :web, :db] do
      # When a role scales, root's ssh environment gets deleted, which
      # interferes with ruby based cap operations.
      upload "config/git/git_rsa", "/root/.ssh/id_rsa"
      run "chmod 600 /root/.ssh/id_rsa"
      # Stage copies of root's profile and ssh files outside /root/.ssh.
      run "mkdir -p #{scalr_user_code}/resources/ssh"
      run "cp ~/.profile #{scalr_user_code}/resources/profile"
      run "cp -r ~/.ssh/* #{scalr_user_code}/resources/ssh/"
      run "rm -rf #{scalr_user_code}/resources/ssh/authorized_keys"
      # authorized_keys is generated per farm.
      upload "templates/scalr/user/bin/hostup", "#{scalr_user_code}/bin/hostup", :mode => "755"
      run "#{scalr_user_code}/bin/hostup"
    end

  end

end

=== end ===

=== templates/scalr/usr/bin/hostup ===

#!/bin/bash
# Restore root's profile and ssh files from the staged copies.
. /etc/aws/host.conf
user_resources='/usr/local/aws/user/resources'
mkdir -p /root/.ssh
cp "$user_resources/profile" /root/.profile
cp -r "$user_resources"/ssh/* /root/.ssh/

=== end ===
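
The workaround in this thread stages copies of root's private keys under /usr/local/aws/user/resources/ssh, which is outside the omitted /root/.ssh directory and so stays in the synchronized image. The check below is an added example, not part of the original posts: it lists private keys found in that staging directory and flags any that group or other can access. The function names and return codes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Paths containing newlines are not handled.
# Assumption: default is the staging directory from the Capistrano task above.
STAGING_DIR='/usr/local/aws/user/resources/ssh'

# Prints "<OK|LOOSE> <mode string> <path>" for each private key file found.
# Returns 0 when no key is staged, 1 when every staged key is owner-only,
# 2 when at least one staged key is accessible to group or other.
audit_staged_keys() {
    dir="${1:-$STAGING_DIR}"
    rc=0
    [ -d "$dir" ] || return 0
    # grep -l names the files that contain a PEM or OpenSSH private key header.
    keys=$(find "$dir" -type f -exec \
        grep -lE '^-----BEGIN ([A-Z0-9]+ )*PRIVATE KEY-----' {} + 2>/dev/null) || true
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        mode=$(ls -ld -- "$f" | cut -c1-10)
        # Characters 5-10 of the mode string are the group and other bits.
        if [ "$(printf '%s\n' "$mode" | cut -c5-10)" = "------" ]; then
            echo "OK $mode $f"
            [ "$rc" -eq 2 ] || rc=1
        else
            echo "LOOSE $mode $f"
            rc=2
        fi
    done <<EOF
$keys
EOF
    return "$rc"
}

# Constructed sample: a throwaway directory with a fake key (header line only).
demo_audit() {
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'CONSTRUCTED' > "$d/id_rsa"
    printf 'ssh-rsa AAAA constructed\n' > "$d/id_rsa.pub"
    chmod 644 "$d/id_rsa"
    audit_staged_keys "$d" | sed "s|$d/||"
    rm -rf "$d"
}

demo_audit
```

Calling `audit_staged_keys` with no argument on an instance before a synchronize checks the default staging directory; a non-zero status means private keys are present there.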