On 13 August 2014 12:40, Jimmy Kaplowitz <[email protected]> wrote:
> Effective with the Debian images we published yesterday (dated 20140807), > Google Compute Engine is now using bootstrap-vz to build our Debian images, > in place of the old build-debian-cloud tool. All of the necessary code is > merged upstream in the development branch. Naturally we're also updated to > 7.6, though this is actually the second batch of 7.6 images we've > published, not the first. > > Adopting bootstrap-vz should make it easier to get Debian cloud team > members involved in building the image, since this is the actively > maintained codebase, and even has a package in NEW for a slightly older > version. Looking forward to seeing some of you at DebConf. > > When making the switch, we did notice that SSH password authentication is > unexpectedly no longer disabled across all clouds as it was in the old > tasks/38-security file. Was this intentional or accidentally lost in some > refactor? We're planning to push new images this week (and send a pull > request) restoring the pre-existing behavior on GCE, but if it was an > oversight more broadly, I can fix it in a shared part of the codebase > rather than just a GCE-specific part. > > - Jimmy > Great news! A quick note about the regression: It's because GCE doesn't use the ssh task group <https://github.com/andsens/bootstrap-vz/blob/master/bootstrapvz/common/task_groups.py#L78>. I think, for it to be more generally useful, the init script task should be removed. Alternatively you could just add DisableSSHPasswordAuthentication to the GCE tasklist. Anders
