You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Harikrishna Patnala <ha...@citrix.com> on 2013/03/04 08:22:28 UTC
Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/
-----------------------------------------------------------
Review request for cloudstack and Abhinandan Prateek.
Description
-------
SSH keys overwritten for user running management server.
Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
This addresses bug CLOUDSTACK-1013.
Diffs
-----
server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
Diff: https://reviews.apache.org/r/9727/diff/
Testing
-------
Tested locally
Thanks,
Harikrishna Patnala
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Prasanna Santhanam <Pr...@citrix.com>.
> On March 4, 2013, 7:38 a.m., Dave Cahill wrote:
> > This looks good to me - and great to see someone is fixing it!
> >
> > One slightly strange edge case springs to mind - I think the behavior in this edge case is fine, but wanted to bring it up explicitly just in case:
> >
> > In KVM, if running management server as root, this will set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud on management server startup.
> >
> > If running on a single-node setup, the same machine (acting as host) will receive the keys and set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud again, to the same values. Again, I guess this is fine, but wanted to point out the filename clash.
> >
> >
> >
> >
>
> Prasanna Santhanam wrote:
> It can go wrong and overwrite the keys within the KVM agent. May be a different name will serve the purpose - something like id_rsa.devel instead of cloud since it affects only the developer environment?
>
> Harikrishna Patnala wrote:
> It won't go wrong as it copies the same value on the same file. I think this name (.cloud) serves our purpose.
>
> Prasanna Santhanam wrote:
> Ok got it. But is this something you want to push for 4.1? I'll apply it on master shortly.
Hari - minor fix. The suffix should be .pub and not .cloud. Generated keys have .pub at the end. Can you resubmit this? THanks
- Prasanna
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17325
-----------------------------------------------------------
On March 4, 2013, 7:22 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 4, 2013, 7:22 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Prasanna Santhanam <Pr...@citrix.com>.
> On March 4, 2013, 7:38 a.m., Dave Cahill wrote:
> > This looks good to me - and great to see someone is fixing it!
> >
> > One slightly strange edge case springs to mind - I think the behavior in this edge case is fine, but wanted to bring it up explicitly just in case:
> >
> > In KVM, if running management server as root, this will set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud on management server startup.
> >
> > If running on a single-node setup, the same machine (acting as host) will receive the keys and set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud again, to the same values. Again, I guess this is fine, but wanted to point out the filename clash.
> >
> >
> >
> >
It can go wrong and overwrite the keys within the KVM agent. May be a different name will serve the purpose - something like id_rsa.devel instead of cloud since it affects only the developer environment?
- Prasanna
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17325
-----------------------------------------------------------
On March 4, 2013, 7:22 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 4, 2013, 7:22 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Prasanna Santhanam <Pr...@citrix.com>.
> On March 4, 2013, 7:38 a.m., Dave Cahill wrote:
> > This looks good to me - and great to see someone is fixing it!
> >
> > One slightly strange edge case springs to mind - I think the behavior in this edge case is fine, but wanted to bring it up explicitly just in case:
> >
> > In KVM, if running management server as root, this will set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud on management server startup.
> >
> > If running on a single-node setup, the same machine (acting as host) will receive the keys and set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud again, to the same values. Again, I guess this is fine, but wanted to point out the filename clash.
> >
> >
> >
> >
>
> Prasanna Santhanam wrote:
> It can go wrong and overwrite the keys within the KVM agent. May be a different name will serve the purpose - something like id_rsa.devel instead of cloud since it affects only the developer environment?
>
> Harikrishna Patnala wrote:
> It won't go wrong as it copies the same value on the same file. I think this name (.cloud) serves our purpose.
Ok got it. But is this something you want to push for 4.1? I'll apply it on master shortly.
- Prasanna
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17325
-----------------------------------------------------------
On March 4, 2013, 7:22 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 4, 2013, 7:22 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Harikrishna Patnala <ha...@citrix.com>.
> On March 4, 2013, 7:38 a.m., Dave Cahill wrote:
> > This looks good to me - and great to see someone is fixing it!
> >
> > One slightly strange edge case springs to mind - I think the behavior in this edge case is fine, but wanted to bring it up explicitly just in case:
> >
> > In KVM, if running management server as root, this will set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud on management server startup.
> >
> > If running on a single-node setup, the same machine (acting as host) will receive the keys and set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud again, to the same values. Again, I guess this is fine, but wanted to point out the filename clash.
> >
> >
> >
> >
>
> Prasanna Santhanam wrote:
> It can go wrong and overwrite the keys within the KVM agent. May be a different name will serve the purpose - something like id_rsa.devel instead of cloud since it affects only the developer environment?
It won't go wrong as it copies the same value on the same file. I think this name (.cloud) serves our purpose.
- Harikrishna
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17325
-----------------------------------------------------------
On March 4, 2013, 7:22 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 4, 2013, 7:22 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Dave Cahill <dc...@midokura.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17325
-----------------------------------------------------------
This looks good to me - and great to see someone is fixing it!
One slightly strange edge case springs to mind - I think the behavior in this edge case is fine, but wanted to bring it up explicitly just in case:
In KVM, if running management server as root, this will set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud on management server startup.
If running on a single-node setup, the same machine (acting as host) will receive the keys and set /root/.ssh/id_rsa.pub.cloud and /root/.ssh/id_rsa.cloud again, to the same values. Again, I guess this is fine, but wanted to point out the filename clash.
- Dave Cahill
On March 4, 2013, 7:22 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 4, 2013, 7:22 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites
default public/private ssh keys
Posted by Chip Childers <ch...@sungard.com>.
On Thu, Mar 07, 2013 at 09:54:12AM +0000, Harikrishna Patnala wrote:
>
>
> > On March 7, 2013, 9:42 a.m., Prasanna Santhanam wrote:
> > > d51e964 on master
>
> Can you push this on 4.1 also. This could be the problem on both master and 4.1
Applied to 4.1.
>
>
> - Harikrishna
>
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/#review17535
> -----------------------------------------------------------
>
>
> On March 7, 2013, 9:19 a.m., Harikrishna Patnala wrote:
> >
> > -----------------------------------------------------------
> > This is an automatically generated e-mail. To reply, visit:
> > https://reviews.apache.org/r/9727/
> > -----------------------------------------------------------
> >
> > (Updated March 7, 2013, 9:19 a.m.)
> >
> >
> > Review request for cloudstack and Abhinandan Prateek.
> >
> >
> > Description
> > -------
> >
> > SSH keys overwritten for user running management server.
> >
> > Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
> >
> >
> > This addresses bug CLOUDSTACK-1013.
> >
> >
> > Diffs
> > -----
> >
> > server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
> >
> > Diff: https://reviews.apache.org/r/9727/diff/
> >
> >
> > Testing
> > -------
> >
> > Tested locally
> >
> >
> > Thanks,
> >
> > Harikrishna Patnala
> >
> >
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Harikrishna Patnala <ha...@citrix.com>.
> On March 7, 2013, 9:42 a.m., Prasanna Santhanam wrote:
> > d51e964 on master
Can you push this on 4.1 also. This could be the problem on both master and 4.1
- Harikrishna
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17535
-----------------------------------------------------------
On March 7, 2013, 9:19 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 7, 2013, 9:19 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Prasanna Santhanam <Pr...@citrix.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17535
-----------------------------------------------------------
Ship it!
d51e964 on master
- Prasanna Santhanam
On March 7, 2013, 9:19 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 7, 2013, 9:19 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Harikrishna Patnala <ha...@citrix.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/
-----------------------------------------------------------
(Updated March 7, 2013, 9:19 a.m.)
Review request for cloudstack and Abhinandan Prateek.
Changes
-------
new patch with fixes.
Description
-------
SSH keys overwritten for user running management server.
Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
This addresses bug CLOUDSTACK-1013.
Diffs (updated)
-----
server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
Diff: https://reviews.apache.org/r/9727/diff/
Testing
-------
Tested locally
Thanks,
Harikrishna Patnala
Re: Review Request: CLOUDSTACK-1013 : running cloudstack overwrites default
public/private ssh keys
Posted by Prasanna Santhanam <Pr...@citrix.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/9727/#review17532
-----------------------------------------------------------
Hari - the suffix .pub is applied by ssh-keygen. The key will not end in .cloud. Can you fix this?
- Prasanna Santhanam
On March 4, 2013, 7:22 a.m., Harikrishna Patnala wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/9727/
> -----------------------------------------------------------
>
> (Updated March 4, 2013, 7:22 a.m.)
>
>
> Review request for cloudstack and Abhinandan Prateek.
>
>
> Description
> -------
>
> SSH keys overwritten for user running management server.
>
> Fix: Using non-default file names (id_rsa.cloud and id_rsa.pub.cloud) in developer mode.
>
>
> This addresses bug CLOUDSTACK-1013.
>
>
> Diffs
> -----
>
> server/src/com/cloud/server/ConfigurationServerImpl.java c5ae1e2
>
> Diff: https://reviews.apache.org/r/9727/diff/
>
>
> Testing
> -------
>
> Tested locally
>
>
> Thanks,
>
> Harikrishna Patnala
>
>