[cs615asa] hw5 Question

[Justin Barish]

Ok, that makes sense.

Like the last assignment, for creating an ec2 instance, should we assume a
default aws key name of 'ec2-backup'?

-Justin

On Tue, Apr 2, 2019 at 3:11 PM Jan Schaumann <jschauma at stevens.edu> wrote:

> Justin Barish <jbarish at stevens.edu> wrote:
> > If the user in the EC2_BACKUP_FLAGS_SSH changes their ssh key
> > to something different, would they also change the --key-name in
> > EC2_BACKUP_FLAGS_AWS to match, or would we have to manually do that?
> >
> > (And regardless, if they give a key-name in EC2_BACKUP_FLAGS_AWS
> > that doesn't match the one in EC2_BACKUP_FLAGS_SSH,
> > should we throw an error, or ignore their provided --key-name)
>
> You cannot make assumptions about the names of the keys.  There is no
> requirement that a key named "bob" in AWS matches a file named "bob" on
> the local system.  I can create a key pair and have the key in AWS be
> identified as "fritz" and save the private key on my local system as
> "bob"; what's more, I can later choose to rename the file to "jenny".
>
> Fortunately for you, this simplifies things rather than making things
> more complicated: you don't need to try to "verify" if keys used for SSH
> match the ones used for AWS.  You will use whatever the user provides.
> If that works, great; if not, produce (or bubble up) a meaningful
> error to the user.  But in the face of ambiguity, resist the temptation
> to guess: tell the user that e.g., ssh didn't work, but don't try to
> speculate "you provided a key that doesn't match the key in AWS",
> because you don't know if that is the case or not.
>
> -Jan
> _______________________________________________
> cs615asa mailing list
> cs615asa at lists.stevens.edu
> https://lists.stevens.edu/mailman/listinfo/cs615asa
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.stevens.edu/pipermail/cs615asa/attachments/20190402/1f819866/attachment-0001.html>