-
-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto-generate SSH/SSL secrets on first boot #39
Labels
Comments
BTW, this issue is actual for any pre-packaged artifact, incl. Docker, see: While it's easy to fix in VM, it'll a bit harder to workaround in Docker. |
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are concerns about security keys generated during the CI process and so considered insecure.
And while Vagrant is considered as a solution for demo purposes, OVA could be used in prod environments.
The following needs to be auto-generated on first VM boot:
Stanley
private SSH key & take care of Authorized keySolution would be
systemd
configs which rely on ssh/nginx services (runs as "before" dependency) and creates keys/certs if they're not there already.This will ensure that SSH/SSL secrets are unique and not the same across all the users after our Packer builds.
Apart of that #17, - need to document as insecure:
vagrant
Linux user with defaultvagrant
passwordvagrant
Linux user with default/known Hashicorp SSH private keyThe text was updated successfully, but these errors were encountered: