| 2012-09-21 09:01:45 |
Neil Wilson |
description |
I've had a look but I can't see any facilities within cloud-init config system to manipulate the sshd configuration settings.
ISTM that cloud-init should open up sshd to the minimum required by the users configured by the cloud-init process (or if told to widen it further).
So password auth should be off unless passwords are specified. key auth should be off unless keys are retrieved, etc.
At the moment the image I'm generating has password auth switched off in the default config, but obviously that means if somebody specifies a passworded user in the cloud-init config, then it won't work.
As an aside is there a general move to do all the 'cloud specific config' within cloud-init rather than in the image build?
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: cloud-init (not installed)
ProcVersionSignature: Ubuntu 3.2.0-30.48-generic 3.2.27
Uname: Linux 3.2.0-30-generic x86_64
ApportVersion: 2.0.1-0ubuntu13
Architecture: amd64
CheckboxSubmission: 55cafa5b8b82ed224cc59d444cb1fc25
CheckboxSystem: 3e53d3ea5811723345f19eff5070f9ab
Date: Fri Sep 21 09:53:01 2012
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
SourcePackage: cloud-init
UpgradeStatus: Upgraded to precise on 2012-05-07 (136 days ago) |
I've had a look but I can't see any facilities within cloud-init config system to manipulate the sshd configuration settings.
ISTM that cloud-init should open up sshd to the minimum required by the users configured by the cloud-init process (or if told to widen it further).
So password auth should be off unless passwords are specified. key auth should be off unless keys are retrieved, possibly sshd should not even be started if there are no users, etc.
At the moment the image I'm generating has password auth switched off in the default config, but obviously that means if somebody specifies a passworded user in the cloud-init config, then it won't work.
As an aside is there a general move to do all the 'cloud specific config' within cloud-init rather than in the image build?
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: cloud-init (not installed)
ProcVersionSignature: Ubuntu 3.2.0-30.48-generic 3.2.27
Uname: Linux 3.2.0-30-generic x86_64
ApportVersion: 2.0.1-0ubuntu13
Architecture: amd64
CheckboxSubmission: 55cafa5b8b82ed224cc59d444cb1fc25
CheckboxSystem: 3e53d3ea5811723345f19eff5070f9ab
Date: Fri Sep 21 09:53:01 2012
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
SourcePackage: cloud-init
UpgradeStatus: Upgraded to precise on 2012-05-07 (136 days ago) |
|
