← Back to team overview

cloud-init team mailing list archive

disabling root



Had a comment on the behavior with disabling root/setting up ssh login.

The configuration contains:
ssh_pwauth: False
lock-passwd: True
disable_root: True

And the expectation is that

ChallengeResponseAuthentication no
PermitRootLogin no

would be set, which is currently not the case. The user is getting the
desired behavior with:

 # Disable root and password SSH login
 - sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin no/'
 - sed -i -e
no/' /etc/ssh/sshd_config
 - sed -i -e '/^#PasswordAuthentication/s/^.*$/PasswordAuthentication
no/' /etc/ssh/sshd_config
 - systemctl restart sshd

Is this a behior change we might want to make in cloud-init?


Robert Schweikert                   MAY THE SOURCE BE WITH YOU
Distinguished Architect                       LINUX
Technical Team Lead Public Cloud
IRC: robjo

Follow ups