[Thincrust-devel] fedora 10 AMI, host key fingerprint in ec2-converter
Mitch Skinner
lists at arctur.us
Tue Apr 7 19:13:32 UTC 2009
Hello list, I've got two questions:
1. When I launch the fedora 10 ami (ami-2a5db943) listed here:
http://thincrust.org/aos.html
The console output says:
Fedora release 10.90 (Rawhide)
Did you mean for it to be Rawhide? Did y'all put together a non-Rawhide
F10 AMI?
2. The EC2 documented way of getting the host key fingerprint (to avoid
MITM attacks) is for rc.local on the instance to output the fingerprint
on the console; then the user can view it with ec2-get-console-output.
The Amazon F8 image has this in its rc.local:
echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" |logger -s -t "ec2"
ssh-keygen -l -f /etc/ssh/ssh_host_key.pub |logger -s -t "ec2"
ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub |logger -s -t "ec2"
ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub |logger -s -t "ec2"
echo "-----END SSH HOST KEY FINGERPRINTS-----" |logger -s -t "ec2"
Seems like this ought to go into ec2-converter; it looks like it would
fit right into the rclocal_config method in ec2config.py. I'm not sure
about the "logger" stuff, though.
Regards,
Mitch
More information about the Thincrust-devel
mailing list