[Fiware-lab-federation-nodes] [CESNET #148600] Re: key generation

Sean Murphy murp at zhaw.ch
Tue Feb 9 11:25:39 CET 2016


Hi guys,

Got this working - had a mistake in my curl post...X-Auth_Token instead of
X-Auth-Token...

This simpler command gets the token (thanks Ioannis)

curl -d '{"auth":{"passwordCredentials":{"username": "admin-volos", "password": "yourpassword"}}}' \
     -H "Content-type: application/json" \
     http://cloud.lab.fiware.org:4731/v2.0/tokens

And then this command does the upload...

curl --request POST --url http://aiakos.lab.fiware.org:3000/v1/support \
     --header 'accept: text/plain' --header 'content-type: text/plain' \
     --header 'X-Auth-Token: YOURTOKEN FROM ABOVE COMMAND' --data @public.gpg

(assuming that the gpg cert is in a file called public.gpg in the current
dir).

This command can be used to check:

curl --url http://aiakos.lab.fiware.org:3000/v1/support/zurich/gpgkey \
     --header 'accept: text/plain' --header 'content-type: text/plain' \
     --header 'X-Auth-Token: YOUR TOKEN AS ABOVE'

Hope this helps,
Seán.

On Mon, Feb 8, 2016 at 2:21 PM, Sean Murphy <murp at zhaw.ch> wrote:

> Hi Henar, all,
>
> Thanks for this.
>
> I'm sure I'm doing something wrong, but when I tried this, I get the
> following:
>
> root at node-1:~/public_keys# curl -i '
> http://cloud.lab.fiware.org:4730/v2.0/tokens' -X POST -H "Accept:
> application/json" -H "Content-Type: application/json" -H "User-Agent:
> python-novaclient" -d '{"auth": {"passwordCredentials": {"username":
> "admin-zurich", "password": "<REDACTED>"}, "tenantId":
> "00000000000003228460960090160000"}}'
> HTTP/1.1 200 OK
> Vary: X-Auth-Token
> Content-Type: application/json
> Content-Length: 59424
> Date: Mon, 08 Feb 2016 13:11:29 GMT
> Connection: close
>
> {"access": {"token": {"issued_at": "2016-02-08T13:11:29.680673",
> "expires": "2016-02-09T13:11:29Z", "id": "<REDACTED>", "tenant":
> {"description": "Cloud admin", "enabled": true, "id":
> "00000000000003228460960090160000", "name": "admin"}, "audit_ids":
> ["u3mdW7MsSBedP5M5NHuJRw"]},
>
> <---SNIP--->
>
> root at node-1:~/public_keys# curl --request POST --url
> http://aiakos.lab.fiware.org:3000/v1/support --header 'accept:
> text/plain' --header 'content-type: text/plain' --header 'X-Auth_Token:
> <REDACTED>' --data 'ssh-rsa
> AAAAB3NzaC1yc2EAAAADAQABAAABAQCXFf/3sR0IO27mZsUwSRkfD/uFYbqaJGMvZKLCJglxFjnYW0DJG5VACGD5U3SM7oq7xmM544t778lbG2bAXTiWl9mK3R3+uUMPBIXCIUpBL+9MwCW0V7QlLd+8bduhiPps8ywk0wOi5LaQb4kM3GrCLztQuAPIm490ShkLkSnyBp8E7/5gTbioT3yFE0juz5yLzOV/hqVQ8l52V8rsQOZ88hfIw4DAi/MsWdNeO3FlpKTaOQr550izSuxH0J07fKgbo2dYoOB3wlhVYiKWwn83Q2f1NiG7NOWj3ZqnjGo1yzoTDEZRoweh7ayr72bQy0KipcciC9oaTtUq2+JRL9Kb
> seanmurphy at Seans-MacBook-Pro.local' --verbose
> * About to connect() to aiakos.lab.fiware.org port 3000 (#0)
> *   Trying 130.206.84.19... connected
> > POST /v1/support HTTP/1.1
> > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0
> OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> > Host: aiakos.lab.fiware.org:3000
> > accept: text/plain
> > content-type: text/plain
> > X-Auth_Token: <REDACTED>
> > Content-Length: 415
> >
> * upload completely sent off: 415out of 415 bytes
> ^C
>
> (COMMENT BY SM - THIS DID NOT WORK - IT JUST HUNG....)
>
> root at node-1:~/public_keys# curl --request POST --url
> http://aiakos.lab.fiware.org:3000/v1/support --header 'accept:
> text/plain' --header 'content-type: text/plain' --header 'X-Auth_Token:
> <REDACTED>' --data 'ssh-rsa
> AAAAB3NzaC1yc2EAAAADAQABAAABAQCXFf/3sR0IO27mZsUwSRkfD/uFYbqaJGMvZKLCJglxFjnYW0DJG5VACGD5U3SM7oq7xmM544t778lbG2bAXTiWl9mK3R3+uUMPBIXCIUpBL+9MwCW0V7QlLd+8bduhiPps8ywk0wOi5LaQb4kM3GrCLztQuAPIm490ShkLkSnyBp8E7/5gTbioT3yFE0juz5yLzOV/hqVQ8l52V8rsQOZ88hfIw4DAi/MsWdNeO3FlpKTaOQr550izSuxH0J07fKgbo2dYoOB3wlhVYiKWwn83Q2f1NiG7NOWj3ZqnjGo1yzoTDEZRoweh7ayr72bQy0KipcciC9oaTtUq2+JRL9Kb
> seanmurphy at Seans-MacBook-Pro.local' --verbose
> * About to connect() to aiakos.lab.fiware.org port 3000 (#0)
> *   Trying 130.206.84.19... connected
> > POST /v1/support HTTP/1.1
> > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0
> OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> > Host: aiakos.lab.fiware.org:3000
> > accept: text/plain
> > content-type: text/plain
> > X-Auth_Token: <REDACTED>
> > Content-Length: 415
> >
> * upload completely sent off: 415out of 415 bytes
> < HTTP/1.1 401 Unauthorized
> < X-Powered-By: Express
> < X-Content-Type-Options: nosniff
> < Content-Type: text/html; charset=utf-8
> < Content-Length: 291
> < Date: Mon, 08 Feb 2016 13:14:55 GMT
> < Connection: keep-alive
> <
> Error<br>    at IncomingMessage.<anonymous>
> (/opt/fiware/fiware-aiakos/lib/routes/openstack.js:100:33)<br>  
>  at IncomingMessage.emit (events.js:117:20)<br>    at
> _stream_readable.js:944:16<br>    at process._tickDomainCallback
> (node.js:486:13)
> * Connection #0 to host aiakos.lab.fiware.org left intact
> * Closing connection #0
> root at node-1:~/public_keys#
>
> I guess it's a problem with authentication - any ideas where the problem
> might be?
>
> Thanks,
> Seán.
>
>
>
> On Mon, Feb 8, 2016 at 11:06 AM, HENAR MUÑOZ FRUTOS via RT <
> xifi-support at rt.cesnet.cz> wrote:
>
>> Hi
>> When you send the POST request, you send the token id of your region
>> admin user. With this token aiakos obtains the region it belongs to. The
>> request is the same for the sshkey or gpgkey. Aiakos detects if there is an
>> ssh or gpg key according to the payload sent.
>>
>> The POST request (with curl) would be:
>> curl --request POST --url http://aiakos.lab.fiware.org:3000/v1/support \
>>      --header 'accept: text/plain' --header 'content-type: text/plain' \
>>      --header 'X-Auth-Token: your token id' --data your ssh key path or gpg key path
>>
>> Regards,
>> Henar
>>
>> From: "murp at zhaw.ch" <murp at zhaw.ch>
>> Date: Monday, 8 February 2016 10:29
>> To: "xifi-support at rt.cesnet.cz" <xifi-support at rt.cesnet.cz>
>> CC: "fiware-lab-federation-nodes at lists.fiware.org" <fiware-lab-federation-nodes at lists.fiware.org>
>> Subject: Re: [Fiware-lab-federation-nodes] [CESNET #148600] Re: key
>> generation
>>
>> Hi all,
>>
>> Has anyone managed to do this?
>>
>> I've generated our ssh and gpg keys. I don't know how to upload them.
>>
>> If I understand from Henar, I should use the following endpoint:
>>
>> http://aiakos.lab.fiware.org:3000/v1/support
>>
>> However, I'm not sure how to generate the curl request. I don't understand
>> how I send my ssh keys and gpg keys to the endpoint; I also don't
>> understand
>> how the endpoint can know for which node/region the keys apply.
>>
>> @Henar (or anyone else!) - would you be able to provide a curl example of
>> how to
>> post our keys to the endpoint above?
>>
>> Thanks and rgds,
>> Seán.
>>
>>
>>
>>
>>
>> On Wed, Feb 3, 2016 at 10:58 AM, HENAR MUÑOZ FRUTOS via RT <
>> xifi-support at rt.cesnet.cz> wrote:
>> Hi
>> The endpoint for the POST request is
>> http://aiakos.lab.fiware.org:3000/v1/support not (
>> http://aiakos.lab.fiware.org:3000/v1/support/Lannion2/gpgkey).
>> Regards,
>> Henar
>>
>> From: Cristian CMECIU <ccmeciu at images-et-reseaux.com>
>> Date: Wednesday, 3 February 2016 10:57
>> To: "murp at zhaw.ch" <murp at zhaw.ch>
>> CC: "fiware-lab-federation-nodes at lists.fiware.org" <fiware-lab-federation-nodes at lists.fiware.org>
>> Subject: Re: [Fiware-lab-federation-nodes] key generation
>>
>> Hi all,
>>
>> The Lannion node will use the same type of key: RSA 2048bits, valid for 2
>> years.
>>
>> Has anyone succeeded in uploading these keys to the Aiakos service?
>> When I try to make a POST request I receive a 405 error: "Method
>> not allowed"
>>
>> I used a POST request as in the following example:
>> curl --request POST \
>>      --url http://aiakos.lab.fiware.org:3000/v1/support/Lannion2/gpgkey \
>>      --header 'accept: text/plain' \
>>      --header 'content-type: text/plain' \
>>      --data '-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.4.11
>> (GNU/Linux)\n\nmQENBFawwG4BCADNFOwCWJOwOAoN2tGC2Gs5aMZSs5y7ZQzpQS5PZNRSbMQUEzF4\n-----END
>> PGP PUBLIC KEY BLOCK-----'
>>
>> Can anyone help me to solve it?
>>
>> BR,
>> Cristian
>>
>> From: fiware-lab-federation-nodes-bounces at lists.fiware.org [mailto:
>> fiware-lab-federation-nodes-bounces at lists.fiware.org] On behalf of
>> Vicent Borja Torres
>> Sent: Thursday, 28 January 2016 11:04
>> To: Sean Murphy; fiware-lab-federation-nodes at lists.fiware.org
>> Subject: Re: [Fiware-lab-federation-nodes] key generation
>>
>> Hello Sean,
>>
>> From Gent node, we are going to use same as you. At least, we are two
>> nodes on the same page.
>>
>> Regards,
>>
>> Vicent.
>> On 25/01/16 09:16, Sean Murphy wrote:
>> Hi all,
>>
>> (I could put this on the ticket, but then I think that many folks
>> would not see it).
>>
>> Quick q around the help ticket relating to keys: what key types
>> and durations should we generate? (I know this is up to us, but
>> I guess it's good if we are reasonably consistent and solve the
>> problem together instead of all solving it individually).
>>
>> I guess for SSH we should go with 2048 bit RSA and the same
>> for GPG with a 2 year duration. Is this what the rest of you are
>> thinking?
>>
>> BR,
>> Seán.
>>
>> ________________________________
>> The information contained in this transmission is privileged and
>> confidential information intended only for the use of the individual or
>> entity named above. If the reader of this message is not the intended
>> recipient, you are hereby notified that any dissemination, distribution or
>> copying of this communication is strictly prohibited. If you have received
>> this transmission in error, do not read it. Please immediately reply to the
>> sender that you have received this communication in error and then delete
>> it.
>
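
The three commands from the top of this message, wrapped with the checks that would have caught the failures in the quoted session. This is an added example, not part of the original thread or of Aiakos: the function names are hypothetical, the sed parse assumes the token "id" sits directly inside the "token" object as in the quoted response, and the key-type prefix test is an assumption.

```bash
#!/usr/bin/env bash
AIAKOS_URL="http://aiakos.lab.fiware.org:3000/v1/support"  # endpoint from the thread
AUTH_HEADER_NAME="X-Auth-Token"  # hyphen; X-Auth_Token got 401 in the quoted session

# Print the token id from a Keystone v2.0 /tokens response read on stdin.
# Assumes "id" is a direct member of the only "token" object, as in the
# response quoted in the thread.
token_from_response() {
  tr -d '\n' |
    sed -n 's/.*"token"[[:space:]]*:[[:space:]]*{[^{}]*"id"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Build the auth header, refusing an empty token or one containing whitespace
# (for example a placeholder that was never replaced).
auth_header() {
  case "$1" in
    ""|*[[:space:]]*) echo "refusing token: empty or contains whitespace" >&2; return 1 ;;
  esac
  printf '%s: %s\n' "$AUTH_HEADER_NAME" "$1"
}

# Classify a key file by its first line. This prefix test is an assumption
# made for the example, not Aiakos's own detection logic.
key_kind() {
  case "$(head -n 1 "$1")" in
    "ssh-rsa "*) echo ssh ;;
    "-----BEGIN PGP PUBLIC KEY BLOCK-----"*) echo gpg ;;
    *) echo unknown; return 1 ;;
  esac
}

# usage: upload_key TOKEN KEYFILE
# --fail turns an HTTP error such as 401 into a non-zero exit status and
# --max-time bounds a request that would otherwise hang.
upload_key() {
  local header
  header=$(auth_header "$1") || return 1
  key_kind "$2" >/dev/null || { echo "unrecognised key file: $2" >&2; return 1; }
  # --data @file is what the thread uses; curl strips newlines from the file
  # with --data, while --data-binary sends it unchanged.
  curl --fail --max-time 30 --request POST --url "$AIAKOS_URL" \
       --header 'accept: text/plain' --header 'content-type: text/plain' \
       --header "$header" --data @"$2"
}
```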