Status: New
Owner: ----
New issue 1142 by [email protected]: Detect or allow setting cluster-wide
variable AuthorizedKeysFile
https://code.google.com/p/ganeti/issues/detail?id=1142
It is possible to configure sshd to have this option:
AuthorizedKeysFile /etc/ssh/authorized_keys/%u
Which overrides the default:
“.ssh/authorized_keys .ssh/authorized_keys2”.
You might do this for a variety of reasons, one reason it is done is
because you want to manage the approved authorized_keys that are put on a
system, and not allow a user to override or add new ones. Also, the
monkeysphere project requires this modification for it to work.
If you change this setting in sshd_config (as we've done in our
configuration management site-wide), then ganeti gets very confused because
it hard-codes /root/.ssh/authorized_keys for the location. Changes made by
ganeti to this file are more or less useless and confused.
Ganeti could simply read the /etc/ssh/sshd_config file to determine what
this value is set to and use that (otherwise use a default if it is not
set). This could also be a cluster parameter that the admins could set.
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
