[cs615asa] Some questions about env setup and X.509 certificate

zding4 zding4 at stevens.edu
Fri Jan 30 18:02:07 EST 2015


在 01/30/2015 2:16 PM,Jan Schaumann 写道:
> hchen29 <hchen29 at stevens.edu> wrote:
> 
>> If you are using the EC2 CLI it is X.509. But the AWS CLI, as far as I
>> can see, it's Access keys.
> 
> Correct.
> 
> As explained in detail on
> docs.aws.amazon.com/AWSSecurityCredentials/1.0/AboutAWSCredentials.html,
> different access methods use different authentication mechanisms.
> 
> As you read the above document, keep in mind that AWS is used by
> organizations with significant access and privacy needs, and that your
> specific use case may not have the same requirements as those that
> others have.  The different authentication mechanisms have their own
> advantages and disadvantages.
> 
> 
> The "EC2 CLI" tools are also installed on linux-lab under
> /opt/ec2tools-1.4, and those utilize the certificate for authentication
> to AWS.  These use asymmetric key cryptography, allowing you to retain
> full control of the private key at the cost of having to manage and
> distribute the key material yourself.
> 
> The 'aws' utility under /usr/local/bin uses "Access keys".  This is a
> form of symmetric key cryptography, where the private key is available
> on both ends (Amazon's and yours).
> 
> -Jan
> 
> P.S.: Please restrict what you're quoting to only that which is
> necessary to retain context.  Fully quoting several emails means people
> have to scroll through several pages of text to get to your comment.
> _______________________________________________
> cs615asa mailing list
> cs615asa at lists.stevens.edu
> https://lists.stevens.edu/mailman/listinfo/cs615asa

For our first hw, Do we need to write something about X.509 certificate 
or other shell changing?
Or we just write what we exactly do on linux-lab to launch an instance?

Sincerely,
Zhizhuo


More information about the cs615asa mailing list