oracle / yo

A fast and simple command line OCI client
Universal Permissive License v1.0

Improvements for SSH public key management #15

Open brenns10 opened 1 year ago

brenns10 commented 1 year ago

Currently we have the configuration ssh_public_key, which is supposed to be the file path to the user's public key.

The expectation is that this points to the public half of a public/private key pair sitting in ~/.ssh, e.g. ~/.ssh/id_rsa.pub. If the private half of the key pair exists, then Yo will happily include a -i ~/.ssh/id_rsa in SSH commands in order to specify which SSH identity gets used. This is a somewhat nice feature in case a user has SSH configured with strict identities, or if the SSH key lives outside of ~/.ssh, but that's not usually the case. Normally, passing -i IDENTITY is unnecessary.

More importantly, the SSH public key configuration's main duty (outside of this weird "find the private key" implementation detail) is supposed to be that it's provided to OCI when launching an instance. Except OCI can take multiple public keys - it's asking for an authorized_keys file, not necessarily just a single public key. This is a very useful ability, since people may have multiple machines, each with their own key, and they should be able to provision all the public keys if they want.

Right now, you can just stick multiple keys into a file and set ssh_public_key to point to that file. But that's bad because you'll probably break the private key semantics described above. Plus, the name ssh_public_key is wrong: it should be authorized_keys_file.

So I would like to do:

  1. Add an ssh_private_key configuration option which is very optional. It could be used for the -i cases above.
  2. Add an authorized_keys_file configuration option to be used for launching instances.
  3. Deprecate ssh_public_key configuration option. Raise an error if it is present with either of the above options.
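
A sketch of the three rules proposed above, together with a check that a multi-key authorized_keys file is well formed before it is handed to OCI. This is an added example, not code from Yo: the function names are hypothetical, key lines are assumed to carry no options prefix, and reusing a lone ssh_public_key as the key list is an assumption.

```python
import base64
import warnings


def parse_authorized_keys(text):
    """Return [(type, comment)] for each key line; raise ValueError on bad input."""
    keys = []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.strip().split(None, 2)
        if not fields or fields[0].startswith("#"):
            continue  # blank line or comment
        if len(fields) < 2:
            raise ValueError(f"line {lineno}: not a public key entry")
        ktype, b64 = fields[0], fields[1]
        try:
            blob = base64.b64decode(b64, validate=True)
        except ValueError:
            raise ValueError(f"line {lineno}: key data is not base64") from None
        # An SSH public key blob begins with a length-prefixed copy of its type.
        n = int.from_bytes(blob[:4], "big")
        if len(blob) < 4 or blob[4:4 + n] != ktype.encode():
            raise ValueError(f"line {lineno}: key type does not match key data")
        keys.append((ktype, fields[2] if len(fields) == 3 else ""))
    if not keys:
        raise ValueError("no public keys found")
    return keys


def resolve_ssh_options(config):
    """Apply the three proposed rules to a dict of Yo config values."""
    legacy = config.get("ssh_public_key")
    private = config.get("ssh_private_key")
    authorized = config.get("authorized_keys_file")
    if legacy and (private or authorized):
        raise ValueError("ssh_public_key is deprecated; remove it when using "
                         "ssh_private_key or authorized_keys_file")
    if legacy:
        warnings.warn("ssh_public_key is deprecated; use authorized_keys_file",
                      DeprecationWarning, stacklevel=2)
        authorized = legacy  # assumption: the old file is reused as the key list
    return {"authorized_keys_file": authorized, "ssh_private_key": private}


def sample_key_line(ktype, comment):
    """Build a constructed (not real) key line: type string plus 32 zero bytes."""
    name = ktype.encode()
    blob = len(name).to_bytes(4, "big") + name + (32).to_bytes(4, "big") + bytes(32)
    return f"{ktype} {base64.b64encode(blob).decode()} {comment}"
```

A private key pasted into the file by mistake fails the base64 check on its first line, so it is rejected before anything is sent to OCI.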

sipasing commented 6 months ago

@brenns10 Thanks for laying out the task requirements. I work for the OL virtualization team and use yo pretty much every day. Can I take this task?

brenns10 commented 6 months ago

Yes, feel free! Thank you :)

sipasing commented 6 months ago

Gr8. Can you assign this to me? It will help set up email subscriptions automatically. Also helps track different GitHub projects assigned at once.