← Back to team overview

cloud-init team mailing list archive

disabling root

 

Hi,

Had a comment on the behavior with disabling root/setting up ssh login.

The configuration contains:
ssh_pwauth: False
lock-passwd: True
disable_root: True

And the expectation is that

ChallengeResponseAuthentication no
PermitRootLogin no

would be set, which is currently not the case. The user is getting the
desired behavior with:

runcmd:
 # Disable root and password SSH login
 - sed -i -e '/^PermitRootLogin/s/^.*$/PermitRootLogin no/'
/etc/ssh/sshd_config
 - sed -i -e
'/^#ChallengeResponseAuthentication/s/^.*$/ChallengeResponseAuthentication
no/' /etc/ssh/sshd_config
 - sed -i -e '/^#PasswordAuthentication/s/^.*$/PasswordAuthentication
no/' /etc/ssh/sshd_config
 - systemctl restart sshd

Is this a behior change we might want to make in cloud-init?

Thanks,
Robert

-- 
Robert Schweikert                   MAY THE SOURCE BE WITH YOU
Distinguished Architect                       LINUX
Technical Team Lead Public Cloud
rjschwei@xxxxxxxx
IRC: robjo


Follow ups