Details
-
Type:
extRequest
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-LAB-HELP
-
Labels:None
-
HD-Node:Poznan
Description
The region staff team are responsible of the virtual machines instantiated on their servers. Therefore each region staff should have the control of who access the virtual machines for support purposes and set and enforce the corresponding policy. It is not possible if the public keys are shared among all the regions. Additionally, it is also extremely insecure and a problem when a region leaves the federation.
A new service, called aiakos and deployed aiakos.lab.fiware.org, has been deployed in FIWARE Lab to manage support region ssh and gpg keys.
As region administrator, you should create your ssh, and gpg keys and upload it into the aikos service (you can obtain information about how create your keys in https://github.com/telefonicaid/fiware-aiakos/blob/develop/doc/README.rst#generating-a-ssh-key).
To upload your keys into the aiakos service, you should use just a POST operation
POST: https://jsapi.apiary.io/apis/fiwareaiakos/reference/aiakos-v1/add-key/post-key.html
You can find information about why ssh and gpg keys are needed in https://github.com/telefonicaid/fiware-aiakos/blob/develop/doc/README.rst#why-a-ssh-key-and-a-gpg-key-are-needed
Activity
The upload was successful
HTTP/1.1 201 Created
X-Powered-By: Express
Content-Type: text/plain; charset=utf-8
Content-Length: 1739
Date: Tue, 02 Feb 2016 15:59:39 GMT
Connection: keep-alive
But http://aiakos.lab.fiware.org:3000/v1/support/Poznan/sshkey still shows "Not acceptable!"
Hi
You can have a look at the API documentation https://jsapi.apiary.io/apis/fiwareaiakos/reference/aiakos-v1, and you can see that you need specified the Accept and Content-Type header to text/plain
In addition, I can see you have only uploaded the gpgkey, no the sshkey
Regards,
Henar
I tried to upload ssh key using comand
curl --include --request POST --header "Content-Type: text/plain" --header "X-Auth-Token: 7ae4c00f116b49cf9b55fb7ee8fc3726" --header "Accept: text/plain" --data-binary "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM8/dxZvt4lPGhXJQ6j+k1J1N6HMxH7jyRNHLXKU7nTD+aWOcZXYy80P/BxeVido/HXOBgQsMrgeBXLzQHFfejYxswB0zII2dWR+JeQeTdWOrJLVnJEqDpvi7mKivTXgw2sIivdWKiMCvpCKqEyVMuxSrBFYHbZCy6XH4ErQ/1aYxZl5gm9jGfcM9eCpk9q0dxnq5FUsQ0mQ0rwP0pIxlZOctXTsSn9A2EZCVnRtBEaQ3dM7bL+36VHj8JXE2cvyX6DsN3hzupez/LKav0XAN51A/2kO8iKBKtDpUNzi2PCd25cGwEWyltFZVcQFkoa/PLRlup3XQ4ie5A26lMyyZT root@node-1" http://aiakos.lab.fiware.org:3000/v1/support/
But still shows "Not acceptable"
Hi,
You are using "-data-binary". Please use "-d" or "-data", because you are using "Content-Type: text/plain" and you can't use binary in the body.
curl --include --request POST --header "Content-Type: text/plain" --header "X-Auth-Token: xxxxxxxxx" --header "Accept: text/plain" -d "ssh-rss xxxxxxxxxxxxx root@node-1" http://aiakos.lab.fiware.org:3000/v1/support
Executed:
curl --include --request POST --header "Content-Type: text/plain" --header "X-Auth-Token: xxx" --header "Accept: text/plain" -d "ssh-rsa xxxxx" http://aiakos.lab.fiware.org:3000/v1/support
Done