It seems to be intented. Basically if you have a VM with 'password'
feature enabled and ssh key enabled, the password is encrypted when
stored in the database. Then when you are changing the ssh key for a VM,
it resets the password so it can store it encrypted as well.
There's an API call which can retrieve the vm password later (after
initial reset / creation / start), but it is encrypted and can only be
decrypted using your private ssh key.
So technically this is a feature, with advanced security, but caused me
some headaches before as well.
On 2016-11-22 14:28, Semih Tolga DEMİR wrote:
Hi Dag & Pierre Luc
We have a same situation which Pierre Luc mentioned, when we try to assign
new ssh key it also resets vm’s admin password.
So i like to learn if this is normal or not, so i took my question, so if
this is a bug do you want me to create a Jira Ticket?
Thanks
Tolga
Also i am sorry that i could not clearly express my ssh key resetting
problem on my previous emails :)
2016-11-22 17:01 GMT+03:00 Pierre-Luc Dion <[email protected]>:
Hi Tolga,
I'm not sure it as been raised as a bug but yes, when you reset the SSHkey
of a VM it also reset the user password. So I guest it's up to your
templates to support one auth method or both.
Are you using cloud-init or scripts defined in the CloudStack documentation
?
Regards,
It’s possible a misunderstanding on my part – but how do you generate the
SSH keys?
If you do this from the CloudStack GUI: home > accounts > (accountname) >
(username) and click on the “generate keys” button – this does not
generate
SSH keys, this generates the API + secret key for that user. To generate
and upload SSH keys please refer to http://docs.cloudstack.apache.
org/projects/cloudstack-administration/en/4.8/virtual_machines.html
If you do follow this already – my apologies for the misunderstanding.
Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue
On 22/11/2016, 09:29, "Semih Tolga DEMİR" <[email protected]>
wrote:
Hi,
I see this issue when adding new SSH Key Pair to existing VM
Creating a new SSH Key
Accounts -> Create a SSH Key Pairs as tolga
Then
Create a VM without ssh key selection.
After login he VM with XXXXX password
Then shutdown VM
Reset SSH Key Pair
Select new ssh key (like tolgaSSH)
Password of the VM has been reset to YYYYY
Finally now i login with YYYYY.
Creating a new SSH Key
Accounts -> Create a SSH Key Pairs as tolga and tolgaSSH
Then
Create a VM with ssh key selection (like tolga)
After login he VM with XXXXX password
Then shutdown VM
Reset SSH Key Pair
Select new ssh key (like tolgaSSH)
Password of the VM has been reset to YYYYY
Finally now i login with YYYYY.
But i want only add/reset SSH Key Pair.
Thanks,
Tolga
2016-11-21 20:38 GMT+03:00 Dag Sonstebo <[email protected]
:
> Hi Tolga,
>
> Can you elaborate? Which SSH keys / passwords are we talking about?
>
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
>
> On 21/11/2016, 16:43, "Semih Tolga DEMİR" <
[email protected]
> wrote:
>
> Hi,
>
> My test environment ACS 4.9, KVM hypervisor.
> I want to understand why need to reset password when add/reset
ssh key
> ?
>
> Thanks,
> Tolga
>
>
>
> [email protected]
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
> @shapeblue
>
>
>
>
[email protected]
www.shapeblue.com
53 Chandos Place, Covent Garden, London WC2N 4HSUK
@shapeblue
Linas Žilinskas
Head of Development
website <http://www.host1plus.com/> facebook
<https://www.facebook.com/Host1Plus> twitter
<https://twitter.com/Host1Plus> linkedin
<https://www.linkedin.com/company/digital-energy-technologies-ltd.>
Host1Plus is a division of Digital Energy Technologies Ltd.
26 York Street, London W1U 6PZ, United Kingdom
