Ask Your Question
0

Modify keypair in instances already running

asked 2014-07-24 14:08:44 -0500

Pablolibo gravatar image

updated 2014-07-24 14:10:05 -0500

Hi all!

I have a question about the keypaid, I need modify the keypair for security reason, but the documentation I don't found how i can doing it.

I followed the following steps, but I can't found the way de change keypair:

#delete the old kaypair

nova keypair-delete admin

#add the new keypair

nova keypair-add --pub-key .ssh/id_rsa_new.pub admin

#Enter to instance is already running with the old key, and see the metada for information about the new key

curl http://169.254.169.254/2009-04-04/meta-data/public-keys/0/openssh-key

#when run curl commando I can see key old and not the new key

The question is: How can I change the keypair of the instance that is already runnnig with the old key? o What is the best way for this to work?

Any help about this issue is welcome

Thanks

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-07-24 17:49:15 -0500

jproulx gravatar image

Unfortunately I don't think you can do this.

When you launch an instance the key data is copied into the instances table of the nova database, not stored by reference. So as you see changing the stored value of the key doesn't change it's value on any previously launched instances.

This wouldn't be useful without additional custom work inside the VM since the authorized_keys file that is what actually controls login is only written out from the instance metadata on launch.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-07-24 14:08:44 -0500

Seen: 7,112 times

Last updated: Jul 24 '14