There are concerns about security keys generated during the CI process and so considered insecure.
And while Vagrant is considered as a solution for demo purposes, OVA could be used in prod environments.
The following needs to be auto-generated on first VM boot:
Solution would be systemd configs which rely on ssh/nginx services (runs as "before" dependency) and creates keys/certs if they're not there already.
This will ensure that SSH/SSL secrets are unique and not the same across all the users after our Packer builds.
Apart of that #17, - need to document as insecure:
vagrant Linux user with default vagrant passwordvagrant Linux user with default/known Hashicorp SSH private key
There are concerns about security keys generated during the CI process and so considered insecure.
And while Vagrant is considered as a solution for demo purposes, OVA could be used in prod environments.
The following needs to be auto-generated on first VM boot:
Stanleyprivate SSH key & take care of Authorized keySolution would be
systemdconfigs which rely on ssh/nginx services (runs as "before" dependency) and creates keys/certs if they're not there already.This will ensure that SSH/SSL secrets are unique and not the same across all the users after our Packer builds.
Apart of that #17, - need to document as insecure:
vagrantLinux user with defaultvagrantpasswordvagrantLinux user with default/known Hashicorp SSH private key