yahoo-eng-team team mailing list archive

[Dan Watkins <daniel.watkins@xxxxxxxxxxxxx>]

Public bug reported:

GCE supports the expiration of SSH keys.  It does so by including the
expiry time in a JSON blob in the comment section of the SSH key.  As
per [0], the format is:

ssh-rsa [KEY_VALUE] google-ssh
{"userName":"[USERNAME]","expireOn":"[EXPIRE_TIME]"}

Keys can remain in metadata after expiry, so cloud-init should know how
to filter them out itself.


[0] https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys

** Affects: cloud-init
     Importance: Undecided
         Status: New

** Affects: cloud-init (Ubuntu)
     Importance: Undecided
         Status: New

** Also affects: cloud-init (Ubuntu)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1707039

Title:
  GCE data source should disregard expired SSH keys

Status in cloud-init:
  New
Status in cloud-init package in Ubuntu:
  New

Bug description:
  GCE supports the expiration of SSH keys.  It does so by including the
  expiry time in a JSON blob in the comment section of the SSH key.  As
  per [0], the format is:

  ssh-rsa [KEY_VALUE] google-ssh
  {"userName":"[USERNAME]","expireOn":"[EXPIRE_TIME]"}

  Keys can remain in metadata after expiry, so cloud-init should know
  how to filter them out itself.

  
  [0] https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1707039/+subscriptions