[DOCS-1511] Backup - Public key for SCP restores Created: 13/May/13  Updated: 14/Jun/13  Resolved: 14/Jun/13

Status: Closed
Project: Documentation
Component/s: Cloud Manager
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Steve Briskin (Inactive) Assignee: Allison Reinheimer Moore
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File Screen Shot 2013-05-19 at 10.35.47 AM.png     PNG File Screen Shot 2013-06-04 at 6.11.54 PM.png     PNG File Screen Shot 2013-06-04 at 6.12.21 PM.png    
Participants:
Days since reply: 10 years, 35 weeks, 5 days ago

 Description   

A customer can restore a backup using SCP, where we will SCP the snapshot to them. Rather than providing login credentials, they can add our public key to trusted hosts. Provide information on how to do this (key information, and how to add it to trusted hosts). And a recommendation to remove it after the restore for security reasons.

Key:
ssh-dss AAAAB3NzaC1kc3MAAACBAPz6SsWWZpv8hnlOwiy7mvuBYjF4mZGpb89OC3B0lUOtFVQpOkgdxLaLnXuSo9UzhqAmVwxxb65FrPfwrvQsvGgBk0ZvUdIo1/quc5E87siNcqvsACd1QeiXsIROmzwHzaC9nwkSDK3Poih0z437TjUVxMXK0pbTI6MIFum6OgTVAAAAFQDGSkiers+ggnZGjMIz2VnmQoOrGwAAAIEAuRnOp6sEaJOyr15MsB+pdzBXd9Y1E9Y0/EDWJqa/f4KW6dCW7jUbt+w+WsgFShqomH5tHGPYK04+jg3uS94r/shZzpS1caKgTAR0/ofqHxDHc+PYw0NublFZsgkdshyVWG9GWgNNFV79y7EH0JQUnA7ErJEN+Fj+imA1+uScXx8AAACBAPqS59KXMEHuL+JQQgO72JTwb6S8qdbI5lXaraAVNcrsNLcDHc9GKFON/BnoGZLUWi4CdZMq8wFy7sgC8cMQ9YsmwXQpkRLVrmWouhgmNJzK3Sfd7zcQ/5ZBxmVyPhekwTI7aW3tSTrmlw30Tk3oBVicU7ouVvw4czcK4NoGtH75 brs-d@10gen.com

On *nix and macosx, should be added to user's ~/.ssh/authorized_keys file. Maybe provide a screenshot of what it should look like.

Cailin will add abridged instructions on the UI. Please keep her in the loop.



 Comments   
Comment by auto [ 14/Jun/13 ]

Author:

{u'username': u'schmalliso', u'name': u'schmalliso', u'email': u'allison.moore@10gen.com'}

Message: DOCS-1511 instructions for adding our public key to trusted hosts, updating public key
Branch: master
https://github.com/10gen/mms-docs/commit/39b187304b1f7276ab268126b39b49a89f1ea26f

Comment by Allison Reinheimer Moore [ 05/Jun/13 ]

All good, I probably should've realized since I documented the "Backup and Restore Public Key" option in the Settings documentation.

I've updated the instructions and it's back in code review: http://codereview.10gen.com/10848028/

Comment by Cailin Nelson [ 04/Jun/13 ]

Okay, here's how it works now...

The big change is that there is no longer any such thing as "the public key". We're now generating a public key (and a private) key on a per user basis.

Before a user can initiate a restore via SCP they need to go to Settings and choose "Backup and Restore Public Key". Then they type in a password (used to encrypt the key) and we generate a public/private key pair. We store the private key (encrypted) and display the public key to them.

They need to take the displayed public key and add it to the .ssh/authorized_keys file on appropriate server on their end. (I.e. the server to which they want us to copy the restore files).

Very sorry about forgetting about this change, which was part of the June 3rd release.

Comment by Cailin Nelson [ 19/May/13 ]

We've had to change the key. The key is now

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA8IGwCGYIFL60o6Cy2y5WyTPYPXx8XM/l5wJsQszKa0DvJCBL6doBAPuVOdVmrafbka6dXjxeI1lJYRYG3nMHGA03Ge78HjyBoPO20E/yEXwXjjU3j9v3f6ubgFq82cE8voRTZGtGYNuz0A5yH0u696Ju/Q61zlbyaEtbGifaITesL+E5iVXYDPnEHWA1gIv5tQv8xZlaM9CTH7UqiIylTlpHi5mII0MLPJuTeui0iU8huxaHB/BpUM7eG36TOkcsCBlY00bT3Ms0+HiuMkYAZ7GPClhZeUck+P7upHgjb2mUywvrWciWjAW2XfE3H5ZJRvJ4fZ2rKw8e0MUBfUchkw== brs-restore@10gen.com

Attaching screenshot of the abridged documentation that occurs in the app.

Generated at Thu Feb 08 07:41:12 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.