Building on ssh-import-lp-id, you can now launch an instance in UEC (Ubuntu Enterprise Cloud) and have it seeded with one or more public keys securely retrieved from Launchpad.net!
Let's assume you have some registered Ubuntu 10.o4 LTS (Lucid) $EMI ...
Normally, you would need to first have the Cloud Controller (or Amazon) generate a public/private keypair. And personally, I don't like it when anyone other than me has seen my private key. To do this in UEC, you could run:
if [ ! -e ~/.euca/mykey.priv ]; then
chmod 0600 ~/.euca/mykey.priv
euca-add-keypair mykey > ~/.euca/mykey.priv
And then you'd start an instance like this:
euca-run-instances -k mykey $EMI
And to access the instance:
ssh -i ~/.euca/mykey.priv firstname.lastname@example.org
I find this clunky, as I don't use this generated mykey business for anything else, and I can't very easily share access to this VM. The private key has already been known by the Cloud Controller (though it discards it). It's not a real security concern, but it bothers me on principle.
So we (Mathias Gug, Scott Moser, and I) thought we'd make this a bit more fluid for Ubuntu users who have Launchpad.net accounts. Launchpad.net actually provides a free, authenticated, SSL-served Public SSH key-server. You can register and share your Public SSH keys there without compromising your private key. We created a wrapper script called uec-run-instances that takes a new option -l|--launchpad-id, which is a comma-separated list of Launchpad.net id's. The tool will add a bit logic in the user-data that will have the instance retrieve and install the public SSH keys of each of the specified users at boot. The syntax looks like this:
uec-run-instances -l kirkland,mathiaz,smoser $EMI
And then you can just:
How cool is that!?!