When we use fleetctl from a work machine (e.g. a Ubuntu with compiled fleetctl binary), we normally would do
export FLEETCTL_TUNNEL=123.123.123.123:22000
Then we can use fleetctl for any purpose we like, even ssh into each hosts.
Now if I generate a NEW key pair in one of the hosts, and put the public key in the /home/core/.ssh/authorized_keys, then run fleet-ui on that host, I thought fleet-ui should be able to anything. Yet it seems fleet-ui need to access each every one of them, (i.e. this public key needs to be in every host, not just the landing one).
In any case, I don't think it's a good practice to put my PRIVATE key into CoreOS. That PRIVATE key I use to access my CoreOS, is "Private", I should not hand it out to anyone, right?
When we use fleetctl from a work machine (e.g. a Ubuntu with compiled fleetctl binary), we normally would do
Then we can use fleetctl for any purpose we like, even ssh into each hosts.
Now if I generate a NEW key pair in one of the hosts, and put the public key in the /home/core/.ssh/authorized_keys, then run fleet-ui on that host, I thought fleet-ui should be able to anything. Yet it seems fleet-ui need to access each every one of them, (i.e. this public key needs to be in every host, not just the landing one).
In any case, I don't think it's a good practice to put my PRIVATE key into CoreOS. That PRIVATE key I use to access my CoreOS, is "Private", I should not hand it out to anyone, right?