juju system ssh keys - revisiting

Tim Penhey tim.penhey at canonical.com
Tue Dec 17 03:54:35 UTC 2013 

Hi all,

A while back Andrew raised the suggestion that we create a SSH key for
the purpose of monitoring the juju bootstrap. This has raised its head
again for several reasons:

1) Many windows users don't have ssh keys, nor even ssh installed.  We
have a go ssh implementation that we can fall back to if there is no
PuTTY installed.

2) Not all linux users have ssh installed. Granted, most developers
will, but not necessarily all.

3) Creating new environments from the Juju GUI needs a way to get things
bootstrapped

4) Now we have the authorized_keys workers, we can add ssh keys once an
environment is running, and the existing machines get the new keys added
in to their authorized keys list

and finally, the real thing that clinched it for me

5) Juju run. In order to make this available to the GUI, it needs to be
executed from the API server.  This means that the API server machine
needs to be able to SSH to all the other machines. No one is going to
want to upload their own private key, nor should they.

I propose that we create a new SSH key when we bootstrap environments,
and use that key to watch the bootstrap process.  This means that we
have no checking for existing keys when we bootstrap, no "oh, you don't
have a key, I'll make one", but instead, as part of the bootstrap
process we generate a "juju system ssh key" with an appropriate comment.

Both the public and private parts of this key are installed on all the
"api server" machines.  The private identity can be stored anywhere, and
I suggest /var/lib/juju/identity/juju-system-ssh-key (or any other
bike-shed colour).

This key is then used by juju when it needs to do things with the other
machines. We already have a utility command to wrap ssh things, and we
will most likely expand on that utility.

Upgrades

Given that we'd need to add this system key for upgraded environments,
and also have a way to handle the situation where a user removes
(however they do it) they system ssh key, we need some way to do this
initial creation.

Tim

More information about the Juju-dev mailing list