#212 keyfile as resources - Rundeck Development

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#212 new

keyfile as resources

Reported by Bruno Bonfils | February 21st, 2011 @ 10:59 AM

I think using a global application ssh identity file may be restrictive in some conditions. I'm thinking about the following use cases:

a XML file (keys.xml) like

<key name="group1">
 <file>$HOME/.ssh/mysecretkey</file>
</key>

with a special named default for the default key.

This way, it wil very easy to manage differents keys for a node by adding keyName attribute in a node definition, and if this attribut doesn't exists, the default key will be use.

Comments and changes to this ticket

Alex-SF March 21st, 2011 @ 08:05 AM
- Milestone set to “Rundeck 1.3”
- Milestone order changed from “13” to “0”
Greg Schueler April 20th, 2011 @ 10:17 AM
Perhaps we can make this more generic as well, allowing for some kind of credential definition independent of ssh.

e.g. defining some xml/yaml files as project/X/etc/something.cred allows you to specify:
```
<node name="mynode" credentialset="something/key1" .../>
```
and something.cred:
```
<credentials>
<credential name="key1">
   <ssh-keyfile file="$HOME/.ssh/mysecretkey"/>
</credential>
</credentials>
```
It is then up to the dispatcher to supply the correct credential definition to the SSH node executor.

An alternative that could apply just to SSH would be to define a particular known key path, and then allow the node attributes to specify a key file by name:
```
<node name="mynode" sshkeyfile="keyfile1".../>
```
and have $RDECK_BASE/projects/X/etc/credentials/ be the known "keyfile path", so the keyfile1 resolves to $RDECK_BASE/projects/X/etc/credentials/keyfile1.key
Alex-SF June 8th, 2011 @ 11:11 AM
- Milestone cleared.
- Milestone order changed from “12” to “0”
Postponing until after 1.3 release to get feedback and see usage of dispatcher plugin and custom node attributes.
Alex-SF July 9th, 2011 @ 01:48 PM
- Tag set to “credentials node”

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

(DEPRECATED) Please use github issues for issue tracking at http://github.com/dtolabs/rundeck/issues

Shared Ticket Bins (Sort)

↓↑ drag 218 Open tickets
↓↑ drag 390 Resolved tickets
↓↑ drag 3 This week's tickets

People watching this ticket

Referenced by

89 Remove the credentials from the resource model It sounds like you want a new generic way of modeling cre...

Rundeck Rundeck Development