[one-users] Passwordless ssh between VM's?

Poul Kristensen bcc5226 at gmail.com
Thu Mar 22 03:40:37 PDT 2012


Setup a Kerberos server and use tickets. You do not need to arrange
private/public keys on every server (host/vm's).

2012/3/22 Olivier Sallou <olivier.sallou at irisa.fr>

>
>
> Le 3/22/12 6:53 AM, biro lehel a écrit :
>
>   Hello everyone,
>
> I'm looking for the most convenient setting to be able to passwordlessly
> ssh between the VM's created by OpenNebula. I've noticed that the settings
> which provide passwordless ssh from the Front-end (or Hosts) into VM's do
> not deal with this, the system is still asking for a password if I want to
> ssh from VM into VM. So, did I do something wrong, and in theory, the exact
> same steps would need to be followed in case of VM's too, or is there some
> trick?
>
>
> To enable password less communication between VMs you need top create a
> SSH key for a user (root?) that will be in all you VMs.
> You should also disable in ssh_config the know_hosts feature (or redirect
> it to /dev/null).
>
> For SSH there are multiple means. You create a VM with a SSH key inside,
> the drawback is the SSH key is the same for all VMs e.g. all users, this is
> not secure but for test only it would fit.
> At boot time you load the ssh key for a file set in CONTEXT template, with
> a key dedicated per user. Or, still at boot time, you trigger a server (you
> made) to get a SSH key from the VM ip.
>
> Olivier
>
>
> Thank you,
> Lehel.
>
>
> _______________________________________________
> Users mailing listUsers at lists.opennebula.orghttp://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
> --
> Olivier Sallou
> IRISA / University of Rennes 1
> Campus de Beaulieu, 35000 RENNES - FRANCE
> Tel: 02.99.84.71.95
>
> gpg key id: 4096R/326D8438  (keyring.debian.org)
> Key fingerprint = 5FB4 6F83 D3B9 5204 6335  D26D 78DC 68DB 326D 8438
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20120322/38afdb53/attachment-0002.htm>


More information about the Users mailing list