Famous computing clouds like EC2 and Nimbus offer the possibiliy to inject the public part of a keypair at boot time of a VM. Then you are able to log in as root using your personal keypair. For CernVM this fails for a simple reason.
When a public key file is deliverd along with a client’s request to run VM(s), Nimbus and EC2 try to inject a corresponding
authorized_keys file (containing the public key) into the VM’s filesystem; to
The point is that both, Nimbus and EC2, presume an existing folder
/root/.ssh to exist within the original VM filesystem. If it does not, Nimbus and EC2 behave differently:
- Nimbus throws an error while deploying the VM. It simply does not start up. The error is described in this bug ticket.
- EC2 starts up the VM without injecting the
authorized_keysfile. You cannot log in using your keypair.
The workaround is clear:
- mount CernVM image locally
- mkdir /root/.ssh
- unmount image, upload it to your image repository
- run VMs from this modified image
I think this
/root/.ssh folder is something that should be added in future versions of CernVM (I tried version 1.2.0).
Regarding this support ticket,
/root/.ssh will be added in the next release.