On Tue, Jun 24, 2014 at 2:34 AM, Renich Bon Ciric <renich@xxxxxxxxxxxxxxxx> wrote: > On Mon, Jun 23, 2014 at 11:30 PM, Filipe Brandenburger > <filbranden@xxxxxxxxxx> wrote: >> Last time I tried it, it seems that the main limitation of cloud-init >> is that it wants you to define the list of users to be created >> statically, while GCE wants to give you a list of keys for you to >> create the users that correspond to those keys... > > Do not forget the horrible; passwordless, sudo setting as well. Not my > favorite in the world, at all. I don't think the passwordless sudo that google's tools sets up is any different from what cloud-init does, is it? In both cases it's assumed that the user for whom you are injecting the ssh key is the "administrator". Baking in a password wouldn't make it any better, and shoving a password into the metadata (even encrypted) would allow any user on the system to retrieve it and attempt to decrypt. What would be a better solution? _______________________________________________ cloud mailing list cloud@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/cloud Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
