> On the other hand, if there *is* a good reason for using different
keys for
> different purposes, perhaps we should consider using different keys
for serving
> the API server and for the mongo server.
When I originally wrote this, I wasn't really intending to commit it to
the tree, so the prose was somewhat fast and loose.
https://codereview.appspot.com/43730044/diff/20001/environs/ssh/systemidentity.go#newcode18
environs/ssh/systemidentity.go:18: func WriteSystemIdentity(filename
string, privateKey string) error {
On 2013/12/20 09:19:42, rog wrote:
> We're creating an entire new package for a single constant and a
function that's
> semantically almost identical to ioutil.WriteFile?
> Please let's just define SystemIdentityFilename in environs/cloudinit
and call
> WriteFile directly inside provider/local, the only caller.
Yeah, I have done this now.
Originally I was going to have this module abstract away more of the
information of the system identity file, but now as you can see it
doesn't do much. I have now removed this and just call write from the
local provider.
Please take a look.
https:/ /codereview. appspot. com/43730044/ diff/20001/ doc/system- ssh-key. txt ssh-key. txt (right):
File doc/system-
https:/ /codereview. appspot. com/43730044/ diff/20001/ doc/system- ssh-key. txt#newcode12 ssh-key. txt:12: different purposes just seems like a more
doc/system-
robust idea.
On 2013/12/20 09:19:42, rog wrote:
> I'd like a less hand-wavy justification than this.
> Every extra secret lying around is another potential system
vulnerability.
> On the other hand, if there *is* a good reason for using different
keys for
> different purposes, perhaps we should consider using different keys
for serving
> the API server and for the mongo server.
When I originally wrote this, I wasn't really intending to commit it to
the tree, so the prose was somewhat fast and loose.
https:/ /codereview. appspot. com/43730044/ diff/20001/ environs/ ssh/systemident ity.go ssh/systemident ity.go (right):
File environs/
https:/ /codereview. appspot. com/43730044/ diff/20001/ environs/ ssh/systemident ity.go# newcode18 ssh/systemident ity.go: 18: func WriteSystemIden tity(filename
environs/
string, privateKey string) error {
On 2013/12/20 09:19:42, rog wrote:
> We're creating an entire new package for a single constant and a
function that's
> semantically almost identical to ioutil.WriteFile?
> Please let's just define SystemIdentityF ilename in environs/cloudinit
and call
> WriteFile directly inside provider/local, the only caller.
Yeah, I have done this now.
Originally I was going to have this module abstract away more of the
information of the system identity file, but now as you can see it
doesn't do much. I have now removed this and just call write from the
local provider.
https:/ /codereview. appspot. com/43730044/