Bug 834930 For those folks wanting a way to manage authorised ssh keys within Juju, trunk now has that functionality. There are 4 commands:
add - add ssh keys for a Juju user delete - delete ssh keys for a Juju user list - list ssh keys for a Juju user import - import Launchpad or Github ssh keys For more details, run "juju authorised-keys" to see some help printed. Currently, the default (and only) Juju user for an environment is "admin". This will change as support for users and roles etc comes along in the future. So for now, think of Juju's ssh key management as a way to allow people other than the person who bootstrapped an environment the ability to ssh into Juju machines/nodes. I'm guessing people will mostly use import to pull in ssh keys from Launchpad or Github eg "juju authorised-keys import lp:wallyworld". But for clouds which do not have access to the internet, "add" is useful since it allows a full key to be imported directly. When deleting keys, you use the key fingerprint or comment to specify what to delete. You can find the fingerprint for a key using ssh-keygen. Note that right now, keys are global and grant access to all machines. When a key is added, it is propagated to all machines in the environment. When a key is deleted, it is removed from all machines. For manually provisioned machines, which may already have their own authorised ssh keys before being added to the Juju environment, these keys are retained and not managed or deleted by Juju. Juju will prepend "Juju:" to all key comments for keys which it has added to a machine so that it knows which ones to ignore. Hopefully the functionality is useful. I expect it may well need to be refined as things progress with user permissions and roles. Please file bugs if you encounter any issues or usability concerns etc. -- Juju-dev mailing list Juju-dev@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju-dev
