Re: Reading archives..
Hello everybody,
Le Thu, Nov 08, 2012 at 10:38:07AM +0000, Bromberger, James a écrit :
>
> 1) SSH Username: 'debian' is an obvious choice. Ec2-user is the other. Time
> for an informal vote here?
I think that it is important to underline that the account is privileded.
How about 'Administrator' ? Seriously.
> 3) cloud-init - yes, but it's going to be some years for stable/main. Charles
> - your thoughts?
Help ! http://lists.debian.org/debian-cloud/2012/11/msg00003.html
> 4) CLI tools - not initially here. There's lots to discuss with regards to
> packages of it; who should maintain it, what is the copyright, and where
> should the repo be. I would love to, but I don't have answers for those
> questions right now.
They are non-free, so I think that we should not have them by default.
Packaging them in the non-free section if the license allows would be a good
compromise. Then, scripts à la cloud-init could be turned on to enable
auto-updates for the users who want to.
We also have the euca2ools, which do not implement all the API (no
'--instance-initiated-shutdown-behavior terminate' yet, for instance), but they
are Free and patches may be welcome. https://github.com/eucalyptus/euca2ools
> 9) It was not a Debian security issue - but an image generation that left a
> X509 key visible in the block device.
That is one of the reasons why I like my approach with Debian Installer: 1)
install Debian on a EBS volume in the cloud and 2) bless that volume from
outside the cloud, so that no password or private key transits on the installer
or installed system.
Have a nice day,
--
Charles Plessy
Tsurumi, Kanagawa, Japan
Reply to: