[cs615asa] Some questions.

hyan2 hyan2 at stevens.edu
Fri Mar 22 14:02:23 EDT 2013


Hi Professor,

Thank you for your prompt reply. It now makes sense. However, here is
another problem. I searched the internet to try to find where AWS gets
the default key to run a new instance, but I haven't found it yet. My
program uses boto.run_instances(image_id, min_count=1, max_count=1,
key_name='', security_groups='', instance_type='', placement=''...) to
start a new instance, so I need to read all of the options before it
starts. Now, my program reads the default key from a new environment
variable (it must be set before running) and it works fine.

Could you give me some information about the default key? Thank you.

-Han

On Fri, 22 Mar 2013 12:27:21 -0400, Jan Schaumann wrote:
> hyan2 <hyan2 at stevens.edu> wrote:
>
>> I am still confused. If I run a new instance without a key pair, how
>> can I ssh to such an instance? Since even though I have set up the
>> config file correctly, the private key I have set up for the host may
>> correspond to another public key. In this case, I will always get an
>> error when I try to ssh to the host.
>
> First example:
>
> Suppose you have created a keypair and stored it with AWS as your
> default key.  Let the name of the private ssh key on your system be
> "id_rsa".
>
> Now, if you create a new EC2 instance without specifying any particular
> key pair, AWS will use your default key.  In order to be able to ssh to
> this host, you would need to use the file "id_rsa".  Store the file
> "id_rsa" in ~/.ssh/id_rsa, and you will not need to specify any key to
> ssh(1), as ssh(1) will by default try to use the file '~/.ssh/id_rsa' if
> it exists.
>
> For your homework assignment, this would mean that the user has not set
> either the EC2_BACKUP_FLAGS_AWS or the EC2_BACKUP_FLAGS_SSH environment
> variables.  Execution would be:
>
> ec2-backup -d .
>
>
> Second example:
>
> Suppose you have created a keypair and stored it with AWS as your
> default key.  Let the name of the private ssh key on your system be
> "my-ec2-key".
>
> Now, if you create a new EC2 instance without specifying any particular
> key pair, AWS will use your default key.  In order to be able to ssh to
> this host, you would need to use the file "my-ec2-key".  Store the file
> "my-ec2-key" in ~/.ssh/my-ec2-key, then update your ~/.ssh/config file
> to contain the following lines:
>
> Host *.amazonaws.com
> 	IdentityFile ~/.ssh/my-ec2-key
>
> Now when you ssh(1) to a new instance, you will not need to specify a key
> file, as ssh(1) reads the file ~/.ssh/config and knows that, when
> connecting to a host that ends in ".amazonaws.com", it should use the
> key ~/.ssh/my-ec2-key.
>
> For your homework assignment, this would mean that the user has not set
> either the EC2_BACKUP_FLAGS_AWS or the EC2_BACKUP_FLAGS_SSH environment
> variables.  Execution would be:
>
> ec2-backup -d .
>
>
> Third example:
>
> Suppose you have created a keypair and stored it with AWS as the keypair
> named "stevens".  Let the name of the private ssh key on your system be
> "ec2-stevens".
>
> Now, if you create a new EC2 instance without specifying any particular
> key pair, AWS will use your default key.  In order to use the
> non-default "stevens" key, you would have to specify "--key-name
> stevens".  But you cannot tell the program you're writing to use this
> particular keypair directly.  Instead, you would need to set the
> EC2_BACKUP_FLAGS_AWS environment variable.
>
> In order to be able to ssh to an instance created with "--key-name
> stevens", you would need to use the file "ec2-stevens", but you do not
> want to use this key for _all_ EC2 instances, only this particular one.
>
> Store the file "ec2-stevens" in ~/.ssh/ec2-stevens, then use "ssh -i
> ~/.ssh/ec2-stevens" to connect to the new instance.  But you cannot tell
> the program you're writing to use this particular flag directly.
> Instead, you would need to set the EC2_BACKUP_FLAGS_SSH environment
> variable.
>
> For your homework assignment, execution would then be:
>
> export EC2_BACKUP_FLAGS_AWS="--key-name stevens"
> export EC2_BACKUP_FLAGS_SSH="-i ~/.ssh/ec2-stevens"
> ec2-backup -d .
>
>
> In other words, your program does not need to know _what_ the values of
> these environment variables are; all it needs to do is use them in the
> right place to invoke the correct commands.
>
> -Jan
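
Added example (not part of the original thread or the course's code): one way a Python program can pass both variables through as described in the reply, splitting each value into argv tokens and running the commands without a shell. It assumes the instance is launched with the `aws ec2 run-instances` CLI; the function names are hypothetical and the AMI id and host name are constructed placeholders.

```python
import os
import shlex

AWS_ENV = "EC2_BACKUP_FLAGS_AWS"
SSH_ENV = "EC2_BACKUP_FLAGS_SSH"


def flags_from_env(name, environ=None):
    """Return the flags stored in an environment variable as argv tokens.

    An unset or empty variable yields [], so nothing is added to the
    command line and the tool's own defaults apply.
    """
    environ = os.environ if environ is None else environ
    # shlex.split honours quoting the way a POSIX shell would, so a quoted
    # path containing spaces stays a single token.
    tokens = shlex.split(environ.get(name, ""))
    # The argv list is executed without a shell, so nothing expands "~";
    # do it here for tokens that start with it.
    return [os.path.expanduser(t) if t.startswith("~") else t for t in tokens]


def aws_run_argv(image_id, environ=None):
    """argv for launching one instance; the user's flags are appended as-is."""
    return ["aws", "ec2", "run-instances", "--image-id", image_id,
            *flags_from_env(AWS_ENV, environ)]


def ssh_argv(host, remote_command, environ=None):
    """argv for running a command on the instance; flags precede the host."""
    return ["ssh", *flags_from_env(SSH_ENV, environ), host, remote_command]


if __name__ == "__main__":
    # Constructed sample values: the AMI id and host name are placeholders.
    env = {AWS_ENV: "--key-name stevens", SSH_ENV: "-i ~/.ssh/ec2-stevens"}
    print(aws_run_argv("ami-EXAMPLE", env))
    print(ssh_argv("ec2-host.example.amazonaws.com", "uname -a", env))
    # Pass either list to subprocess.run(argv, check=True); no shell=True,
    # so the variable's contents are never interpreted as shell syntax.
```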

