OpenStack services are authenticated and authorized against keystone identity server. Keystone provides a token and a service catolog containing information about the endpoints of services to which a user is authorized. Each user has a token and service catalog created for them. This can be downloaded from the OpenStack Dashboard.
You will also need to generate a keypair consisting of private key/public key to be able to launch instances on OpenStack. These keys are injected into the instances to make password-less SSH access to the instance. This depends on the way the necessary tools are bundled into the images. Please refer to the chapter on "Image Management" for more details.
Keypairs can also be generated using the following commands.
ssh-keygen cd .ssh nova keypair-add --pub_key id_rsa.pub mykey
This creates a new keypair called mykey. The private key id_rsa is saved locally in ~/.ssh which can be used to connect to an instance launched using mykey as the keypair. You can see the available keypairs with nova keypair-list command.
nova keypair-list +-------+-------------------------------------------------+ | Name | Fingerprint | +-------+-------------------------------------------------+ | mykey | b0:18:32:fa:4e:d4:3c:1b:c4:6c:dd:cb:53:29:13:82 | | mykey2 | b0:18:32:fa:4e:d4:3c:1b:c4:6c:dd:cb:53:29:13:82 | +-------+-------------------------------------------------+
Also while executing 'ssh-keygen' you can specify a custom location and custom file names for the keypairs that you want to create.
To delete an existing keypair:
nova keypair-delete mykey2
