I think ideally this is configurable on a per-ami or per-instance level. Having a global switch of "inject keys" means that AMIs that have explicitly disabled root login (like the Ubuntu ones) are in a sense violated if *any* image you want to run does not support pulling keys from a metadata service.
If you believe that you have to support image manipulation by the host (which i generally disagree with), then I think that per-ami is probably the right level, and turn it off by default. -- You received this bug notification because you are a member of Registry Administrators, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/683525 Title: Key injection should be configurable _______________________________________________ Mailing list: https://launchpad.net/~registry Post to : registry@lists.launchpad.net Unsubscribe : https://launchpad.net/~registry More help : https://help.launchpad.net/ListHelp
