
As part of a cloud init script for an EC2 instance, I want to generate a private & public key for a user created on the new instance and then copy the public key over to another server in the same private network. The question is the best way to do this since at the time of copy there will not be a straightforward way to copy something over to the other network.

The only thing I can think of is creating a user just for copying certificates and storing the private key for that user in the AMI used for generating that instance but I'm not very enthusiastic about it.

Jordan Reiter
  • Use your favorite configuration management tool (puppet/chef/salt/ansible/etc....) – Zoredache Apr 25 '14 at 17:13
  • Can't you also script `ssh-copy-id`? – LinuxDevOps Apr 25 '14 at 17:24
  • @Zoredache can you recommend a good config tool to start out on? – Jordan Reiter Apr 25 '14 at 20:58
  • @LinuxDevOps pretty sure that would require a password? I'm sure there are ways I could enter that in without storing it in a file somewhere but that sounds pretty complicated. – Jordan Reiter Apr 25 '14 at 21:01
  • I have a strong preference for puppet, but I have heard good things about the alternatives. If you aren't already using a configuration management tool you should strongly look into one. It will take a bit of an investment in time to get started, but once you have it in place it can, and probably will, make your life a lot easier. – Zoredache Apr 25 '14 at 21:42
  • You are right, that would require a password, so use a tool as suggested; I find Ansible the easiest. – LinuxDevOps Apr 25 '14 at 22:54

0 Answers