Creating functional ssh key-pair on RDO Mitaka via Chrome Advanced REST Client

The problem here is that REST API POST request creating ssh-keypair to access nova servers  doesn’t write to disk rsa private key  and only upload public one to nova. Closing Chrome Client results loosing rsa private key. To prevent failure to write to disk private key , save response-export.json as shown bellow. Working via CLI ( invoking curl ) allows to upload rsa public key to Nova and create rsa private key as file :-

#!/bin/bash -x
 curl -g -i -X POST \
 http://192.169.142.127:8774/v2/052b16e56537467d8161266b52a43b54/os-keypairs \
 -H "User-Agent: python-novaclient" \
 -H "Content-Type: application/json" -H "Accept: application/json" \
 -H "X-Auth-Token: 2ae281359a8f4b249d5e8cf36c4233c0" -d  \
 '{"keypair": {"name": "oskey2"}}' |  tail -1 >output.json ;
 echo "Genegating rsa privare key for server access as file";
 echo "-----BEGIN RSA PRIVATE KEY-----" >  oskey2.pem ;
 sed 's/\\n/\
 /g' <  output.json | grep -v "keypair" | grep -v "user_id" >>oskey2.pem ;
 chmod 600 oskey2.pem

To start ( keystone api v3 environment ) obtain project’s scoped token via request

[root@ip-192-169-142-127 ~(keystone_admin)]# curl -i  -H “Content-Type: application/json” -d ‘ { “auth”:
{ “identity”:
{ “methods”: [“password”], “password”:
{ “user”:
{ “name”: “admin”, “domain”:
{ “id”: “default” }, “password”: “7049f834927e4468” }
}
},
“scope”:
{ “project”:
{ “name”: “demo”, “domain”:
{ “id”: “default” }
}
}
}
}’  http://192.169.142.127:5000/v3/auth/tokens ; echo

HTTP/1.1 201 Created
Date: Mon, 02 May 2016 10:41:25 GMT
Server: Apache/2.4.6 (CentOS)
X-Subject-Token: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx  &lt;= token value
Vary: X-Auth-Token
x-openstack-request-id: req-bed4f407-8cbd-4d43-acd5-7450d028bc45
Content-Length: 5791
Connection: close

Content-Type: application/json

*******************************************************************************
The run script extracting from response-export.json the rsa private key
*******************************************************************************

#!/bin/bash -x
echo “Genegating privare key for server access”
echo “—–BEGIN RSA PRIVATE KEY—–” > $1.pem
sed ‘s/\\n/\
/g’ <  response-export.json | grep -v “keypair” | grep -v “user_id” >> $1.pem
chmod 600 $1.pem

like :-

# ./filter.sh oskeymitakaV3

***********************************
Shell command [ 1 ]  :-
***********************************

sed ‘s/\\n/\
/g’ <  response-export.json

will replace ‘\n’ by Carriage Return in  response-export.json.

Now login to dashboard and verify that rsa public key gets uploaded

Relaunch Chrome Advanced Rest Client and launch server with
“key_name” : “oskeymitakaV3”

******************************************************************************
Login to server using rsa private key  oskeymitakaV3.pem
******************************************************************************

[boris@fedora23wks json]$ ssh -i oskeymitakaV3.pem ubuntu@192.169.142.169

The authenticity of host ‘192.169.142.169 (192.169.142.169)’ can’t be established.
ECDSA key fingerprint is SHA256:khfhZEHHwz7T18oIlKMCKWKY9b6ctsS8XMW5ZpVlRa8.
ECDSA key fingerprint is MD5:25:98:50:9f:b3:37:f3:a1:ed:95:5d:44:f4:03:13:14.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.169.142.169’ (ECDSA) to the list of known hosts.
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-21-generic x86_64)
* Documentation:  https://help.ubuntu.com/
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
0 packages can be updated.
0 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
To run a command as administrator (user “root”), use “sudo “.
See “man sudo_root” for details.
ubuntu@ubuntuxenialdevs:~$

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: