yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1834676] [NEW] Overriding default user to root doesn't work if ssh_pwauth is set to true

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Niklas Karoly <1834676@xxxxxxxxxxxxxxxxxx>
Date: Fri, 28 Jun 2019 17:51:10 -0000
Reply-to: Bug 1834676 <1834676@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

We were trying to change the default user from ubuntu to root and at the
same time allowing password authentication, which did not work. By
adding the "user: root" declaration the user is changed but "ssh_pwauth:
true" seems to be only anticipating that the user is not changed to root
since:

ssh_pwauth only sets PasswordAuthentication to yes in the sshd_config
but not PermitRootLogin.

I am not sure if this is done on purpose or if this is an actual bug.

Example Config:
#cloud-config
user: root
chpasswd: {expire: false}
password: metoo
disable_root: false
ssh_pwauth: true


If someone is stumbling over this via Google, here is a config with a workaround:
# override default_user from ubuntu -> root and allow ssh password logins as root

#cloud-config
user: root
chpasswd: {expire: false}
password: metoo
disable_root: false
ssh_pwauth: true
runcmd:
- echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
- systemctl restart ssh

** Affects: cloud-init
     Importance: Low
         Status: Triaged

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1834676

Title:
  Overriding default user to root doesn't work if ssh_pwauth is set to
  true

Status in cloud-init:
  Triaged

Bug description:
  We were trying to change the default user from ubuntu to root and at
  the same time allowing password authentication, which did not work. By
  adding the "user: root" declaration the user is changed but
  "ssh_pwauth: true" seems to be only anticipating that the user is not
  changed to root since:

  ssh_pwauth only sets PasswordAuthentication to yes in the sshd_config
  but not PermitRootLogin.

  I am not sure if this is done on purpose or if this is an actual bug.

  Example Config:
  #cloud-config
  user: root
  chpasswd: {expire: false}
  password: metoo
  disable_root: false
  ssh_pwauth: true

  
  If someone is stumbling over this via Google, here is a config with a workaround:
  # override default_user from ubuntu -> root and allow ssh password logins as root

  #cloud-config
  user: root
  chpasswd: {expire: false}
  password: metoo
  disable_root: false
  ssh_pwauth: true
  runcmd:
  - echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
  - systemctl restart ssh

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1834676/+subscriptions

Follow ups

[Bug 1834676] Re: Overriding default user to root doesn't work if ssh_pwauth is set to true
From: James Falcon, 2023-05-11