Re: Providing official virtualisation images of Debian
Le Tue, Jul 26, 2011 at 08:41:06PM -0400, Kyle Moffett a écrit :
>
> My current work is here:
> http://opensource.exmeritus.com/debian-ami/
>
> Please report any success or problems!
Dear Kyle,
I am studying debian-installer and your procedure. I see that in you patch for
network-console, the public keys provided by the user to the instance running
debian-installer are used not only for d-i's network console, but also copied
to the AMI in preparation. I think that this would prevent to share the AMI
publicly, as explained in http://alestic.com/2011/06/ec2-ami-security
(authorized_keys). Others often use a rc.local or an init.d script to install
user-provided public keys each time the instance is ran, like for instance:
https://github.com/camptocamp/ec2debian-build-ami/blob/master/init.d/ec2-get-credentials
This is actually one of the reasons why I was wondering if a package containing
such files would help to progress towrards a procedure to create AMIs using
only material distributed in Debian.
Have a nice week-end,
--
Charles Plessy
Debian Med packaging team,
http://www.debian.org/devel/debian-med
Tsurumi, Kanagawa, Japan
Reply to: