Ask Your Question

Revision history [back]

When you provide the name of a keypair at instance launch, Nova puts the public key into the instance's metadata. The instance then retrieves the key via the metadata API or the config drive. The usual retrieval method is a software package named cloud-init which is included in most cloud images.

If you need to give the instance an SSH key at a later time, you need a channel to the instance (socket, shared file, whatever) through which you can submit the key and a process on the instance that retrieves the key and adds it to the authorized_keys file. So you have to invent a solution, and it is indeed very "manual".

While you can add metadata to a running instance, a metadata item is limited to 255 bytes, and SSH keys are longer.