Comment 3 for bug 1236883

Scott Moser (smoser) wrote :

The logic to do this seems sane, but generally I think its dangerous to just start setting root passwords at all.
My personal feeling is that cloud-init's path to root is superior (provisioning ssh keys to a non-root user with sudo access). I'd like to keep that the default behavior.

I'm not opposed to allowing config to turn this "use MD provided password". But generally, it just seems like an un-necessary security regression.

Thoughts?

(and thanks for taking the time to file the bug).