Public bug reported:

When cloud-init runs, it populates root's .ssh/authorized_keys with an entry like:

no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"ubuntu\" rather than the user \"root\".';echo;sleep 10" ssh-rsa A....dLQ0= nova@dziban

That blocks login as root with that key, and provides the user with a
message saying to log in as the "ubuntu" user instead.

This is a security choice made by Ubuntu, and nova is overriding that
choice by inserting the key into /root/.ssh/authorized_keys when the
image is being built.

Personally, I think that disks provided to nova should be provided to
the guest 100% unmodified in all cases, but at the very least, this needs to
be configurable.

ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: nova-compute 2011.3~d4~20110812.1417-0ubuntu1
ProcVersionSignature: Ubuntu 3.0.0-9.14-virtual 3.0.3
Uname: Linux 3.0.0-9-virtual i686
Architecture: i386
Date: Thu Aug 25 03:19:39 2011
PackageArchitecture: all
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: nova
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: nova (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: apport-bug ec2-images i386 oneiric uec-images

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/833499

Title:
  virt/disk.py unconditionally inserts public_keys into
  /root/.ssh/authorized_keys
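
Added example (not part of the original bug report and not nova's or cloud-init's code): a Python audit of authorized_keys content that lists keys usable without a forced command, and flags when the same key also appears with a command= restriction, which is the situation the report describes. The sample file contents, key blob and function names are constructed for illustration.

```python
import re

# Key types that mark the end of the optional options field in an entry.
KEY_TYPE = re.compile(r"^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp(256|384|521))$")

def split_unquoted(text, seps):
    """Split on any char in seps that is outside double quotes; \\" stays literal."""
    parts, cur, in_q, i = [], "", False, 0
    while i < len(text):
        c = text[i]
        if in_q and c == "\\" and text[i + 1:i + 2] == '"':
            cur += '\\"'          # escaped quote inside command="..."
            i += 2
            continue
        if c == '"':
            in_q = not in_q
        if c in seps and not in_q:
            if cur:
                parts.append(cur)
            cur = ""
        else:
            cur += c
        i += 1
    if cur:
        parts.append(cur)
    return parts

def parse_entry(line):
    """Return {'blob', 'options'} for a key line, or None for comments and blanks."""
    line = line.strip()
    if line.startswith("#"):
        return None
    tokens = split_unquoted(line, " \t")
    for idx, tok in enumerate(tokens[:2]):   # key type is token 0, or 1 after options
        if KEY_TYPE.match(tok) and idx + 1 < len(tokens):
            opts = split_unquoted(tokens[0], ",") if idx == 1 else []
            return {"blob": tokens[idx + 1],
                    "options": {o.split("=", 1)[0].lower() for o in opts}}
    return None

def audit(text):
    """List (blob, also_present_restricted) for keys that have no forced command."""
    entries = [e for e in map(parse_entry, text.splitlines()) if e]
    restricted = {e["blob"] for e in entries if "command" in e["options"]}
    return [(e["blob"], e["blob"] in restricted)
            for e in entries if "command" not in e["options"]]

# Constructed sample: a restricted entry, then the same key again with no options.
SAMPLE = ('no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo \'Please '
          'login as the user \\"ubuntu\\" rather than the user \\"root\\".\';echo;sleep 10" '
          'ssh-rsa AAAAEXAMPLEKEY1= user@host\nssh-rsa AAAAEXAMPLEKEY1= user@host\n')
```

Run audit() over the contents of /root/.ssh/authorized_keys from a booted guest; a result of (blob, True) means an unrestricted copy of a key sits alongside its restricted entry.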
