ssh fingerprint retrieval
Being able to create/delete vm's so quickly in the cloud is great, but it puts pressure on the ssh infrastructure in a way not origionally intended. That of ssh fingerprinting. Re-Fingerprinting happens very frequently in the cloud and infrequently normally.
It is a very manual process to discover what your new vm's ssh fingerprint is so you can safely login to it without being man-in-the-middle attacked. Most people don't go through the effort and just accept the risk without understanding it.
python-novaclient needs a command like:
nova get-ssh-fingerprint <instance-name>
That might work similary to the nova get-password command. The instance posts its fingerprint and nova allows the client to securely retrieve it. This prevents man-in-the-middle attacks between the cloud and the end user.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Work Items
Dependency tree
* Blueprints in grey have been implemented.