Tim Quinn wrote:
> create-instance: This is a remote command (run anywhere, not necessarily
> on the instance), so the end-user authenticates with username and
> password to the DAS. This establishes that the end user is someone we
> want to allow to create an instance. The _create-instance-filesystem
> command that is sent over ssh to the instance carries with it a copy of
> the DAS's keystore - not the keys separately but the keystore file - and
> deposits it in the correct place. (Maybe the copy is accomplished as a
> separate scp command that's part of what create-instance does behind the
> scenes?? Joe?)
Yep. create-instance would scp it over, run
_create-instance-filesystem --keystore /somewhere/keystore
(or whatever) then remove it.
Joe