Overriding default user to root doesn't work if ssh_pwauth is set to true
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init |
Expired
|
Low
|
Unassigned |
Bug Description
We were trying to change the default user from ubuntu to root and at the same time allowing password authentication, which did not work. By adding the "user: root" declaration the user is changed but "ssh_pwauth: true" seems to be only anticipating that the user is not changed to root since:
ssh_pwauth only sets PasswordAuthent
I am not sure if this is done on purpose or if this is an actual bug.
Example Config:
#cloud-config
user: root
chpasswd: {expire: false}
password: metoo
disable_root: false
ssh_pwauth: true
If someone is stumbling over this via Google, here is a config with a workaround:
# override default_user from ubuntu -> root and allow ssh password logins as root
#cloud-config
user: root
chpasswd: {expire: false}
password: metoo
disable_root: false
ssh_pwauth: true
runcmd:
- echo "PermitRootLogin yes" >> /etc/ssh/
- systemctl restart ssh
Changed in cloud-init: | |
status: | New → Triaged |
importance: | Undecided → Low |
description: | updated |
Confirmed this workaround works for me until this bug is fixed.
Things to note: distros/ ug_util. py:normalize_ users_groups is responsible for parsing the deprecated/ undocumented 'user: root' override of default_user.
cloudinit/
1. we either need to document and support this default_user override (as I see no other override options for default_user from cloud-config other than writing system_config on disk in /etc/cloud/ cloud.cfg( .d/*)?
2. we need to have handle_ssh_pwauth in cloudinit/ config/ cc_ssh. py set PermitRootLogin = yes if default_user is root