zdwolfe
commented
10 years ago But does it make sense to have your private key in a public GitHub repo?
Closed zdwolfe closed 10 years ago
zdwolfe
commented
10 years ago But does it make sense to have your private key in a public GitHub repo?
AndreSchumacher
commented
10 years ago I don't immediately see a problem with that as long as you (or anybody else) only uses this key for its intended purpose. Note that the default directory for ssh keys is $HOME/.ssh and as long as you do not copy that file there you should be fine. The key needs to be in the repository because the matching public key is inside the container image in the public image repository.
OK, thinking about it in the long term there should probable be a better solution to this issue. Maybe one could use a similar way as the EC2 scripts do it (which I believe generate the key on starting up of the cluster). I will prepare an issue report and if someone would like to pick it up that would be great.
zdwolfe
commented
10 years ago :+1:
Hi, Thanks but removing the secret key will also make it impossible to log into the master and worker containers via ssh. In principle one could get the keys via a mounted volume from the host but that requires a substantial rewrite of the scripts. Note that you can always change the key yourself in the running container or create a modified image with a different key pair. I'm therefore closing this.