~/.ssh/id_rsa is hardcoded

mglantz / ocp37-azure-simple

Stable and simpler install of OCP 3.7 on Azure. New version at: https://github.com/mglantz/ocp39-azure-simple

5 stars 2 forks source link

~/.ssh/id_rsa is hardcoded #2

Open alexbez opened 6 years ago

alexbez commented 6 years ago

It is not possible to supply a key, which is different from the deployer's own key. If one generates a separate "cluster admin key" and provides its public part in deploy.cfg, this key propagates to the bastion OK, so it is possible to ssh to bastion, but it is not possible to ssh from bastion to any other node. As a result the deployment fails.

mglantz commented 6 years ago

Hey there,

If you set the key in (PUBLIC_SSH_KEY) in deploy.cfg, does that not work? Seems like it should..

mglantz commented 6 years ago

Or, aha, you mean that you'd like to use one key to trigger the install (laptop -> bastion) and one key to manage the cluster with (bastion -> cluster nodes)?

mglantz commented 6 years ago

Nevermind, I see what you mean. It's correct that in the prep-work for the cluster install, the private key of the user is put in a keystore which is later used. I'll add the option to use an arbitrary key there.