[Bug 1053893] Re: cloud-init should be able to switch off password auth in sshd
Neil Wilson
neil at aldur.co.uk
Fri Sep 21 09:00:31 UTC 2012
** Description changed:
I've had a look but I can't see any facilities within cloud-init config
system to manipulate the sshd configuration settings.
ISTM that cloud-init should open up sshd to the minimum required by the
users configured by the cloud-init process (or if told to widen it
further).
So password auth should be off unless passwords are specified. key auth
- should be off unless keys are retrieved, etc.
+ should be off unless keys are retrieved, possibly sshd should not even
+ be started if there are no users, etc.
At the moment the image I'm generating has password auth switched off in
the default config, but obviously that means if somebody specifies a
passworded user in the cloud-init config, then it won't work.
As an aside is there a general move to do all the 'cloud specific
config' within cloud-init rather than in the image build?
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: cloud-init (not installed)
ProcVersionSignature: Ubuntu 3.2.0-30.48-generic 3.2.27
Uname: Linux 3.2.0-30-generic x86_64
ApportVersion: 2.0.1-0ubuntu13
Architecture: amd64
CheckboxSubmission: 55cafa5b8b82ed224cc59d444cb1fc25
CheckboxSystem: 3e53d3ea5811723345f19eff5070f9ab
Date: Fri Sep 21 09:53:01 2012
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
SourcePackage: cloud-init
UpgradeStatus: Upgraded to precise on 2012-05-07 (136 days ago)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cloud-init in Ubuntu.
https://bugs.launchpad.net/bugs/1053893
Title:
cloud-init should be able to switch off password auth in sshd
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1053893/+subscriptions
More information about the Ubuntu-server-bugs
mailing list