Fedora IOT: How does Zezere actually work

Fedora IOT uses a service called zezere for provisioning. Currently all this appears to be able to do is load your ssh key. As a result I do not really use it, as arm-image-installer already puts my ssh key on SD card I use to boot my rPI with.

But how does zezere actually work? There must be something on the system that reaches out to the provisioning server. However I have not been able to find any trace or documentation of that something. Can someone point me in the right direction?

From what I can tell from having used it it has to work somehow like this:

  1. It sends the MAC address to Zezere online service at first start (and keeps a connection?).
  2. You register at https://provision.fedoraproject.org/ with your Fedora account.
  3. The online service shows you all devices from your (WAN) IP address with it’s corresponding MAC.
  4. You can claim a device, which submits your SSH keys to it and Zezere on the device accepts them and writes them where they should belong to.
    AFAIK after a device is claimed, it cannot be claimed again, i.e. no one else can now overtake your device.

This is high-level and just from what I guess it has to work and what I saw. I’m also very curious for more technical details though. :smiley:

Probably it should become something like the Azure-IoT Hub?

So the goal is one platform to manage all your devices?

What I basically wanted to find out what it was on Fedora IOT that was responsible for reaching out to zezere, so that I could disable it.
Because as it stands now zezere is basically pointless. I just copy my ssh key to the image when writing it to the SD card, so I have no use for it.

Turns out there is a zezere_ignition service and timer, and I just disabled it.