Managing key pairs
As a cloud image is a copy of an already existing disk image with an operating system already installed, the root users are generally disabled, and if the root password is set, it is usually not distributed. To overcome the inability to authenticate without a password, OpenStack uses SSH key pairs. If you remember, in Chapter 4, Image Management, we discussed the need for cloud-init to be installed in a cloud image. Then, in Chapter 5, Network Management, we discussed how cloud-init would connect to the metadata service via the IP address provided by the router. One of the primary roles of this process is to pull down the public SSH key that will be used for authentication. OpenStack provides a facility for you to manage your SSH key pairs so that you can select which will be used when you launch an instance. Let's start by generating a new key pair and listing it, as shown in the following commands:
control# nova keypair-add my_keypair -----BEGIN RSA PRIVATE KEY-----...