ssh fingerprint retrieval

Registered by Kevin Fox on 2014-01-17

Being able to create/delete vm's so quickly in the cloud is great, but it puts pressure on the ssh infrastructure in a way not origionally intended. That of ssh fingerprinting. Re-Fingerprinting happens very frequently in the cloud and infrequently normally.

It is a very manual process to discover what your new vm's ssh fingerprint is so you can safely login to it without being man-in-the-middle attacked. Most people don't go through the effort and just accept the risk without understanding it.

python-novaclient needs a command like:
nova get-ssh-fingerprint <instance-name>

That might work similary to the nova get-password command. The instance posts its fingerprint and nova allows the client to securely retrieve it. This prevents man-in-the-middle attacks between the cloud and the end user.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.