Authorized ssh keys

Could someone please explain why the default ssh authorized_keys file in a brand new clean GVL instance always seems to contain the key for Nick’s macbook?

Hi Tanya

Ah, yes! Well spotted. We put that ‘feature’ in for the CLIMB launch so it would be easy to remote in and fix problems on the day with people’s GVL instances, and it seems we didn’t get around to removing it.

Newly created instances will not have that issue, and of course you can remove it from your authorized_keys file if you wish to secure your instance further.

It’s worth mentioning - more generally - that for legal reasons the CLIMB administrators do need to maintain the ability to inspect the contents of server instances and we can do this by accessing the VM image files stored in CLIMB. This is, of course, a power we would expect to use in very unusual or extreme circumstances.

That never applied to custom instances where you supply your own key.


Thanks, Nick. Actually it looks like new GVL instances are still being created with your key firmly in place.

Genuinely a new instance, or just stopping/starting an existing one?

Completely new instance and not only on my account, saw someone else set up an instance and they had the same key present.