** Description changed: I've had a look but I can't see any facilities within cloud-init config system to manipulate the sshd configuration settings. ISTM that cloud-init should open up sshd to the minimum required by the users configured by the cloud-init process (or if told to widen it further). So password auth should be off unless passwords are specified. key auth - should be off unless keys are retrieved, etc. + should be off unless keys are retrieved, possibly sshd should not even + be started if there are no users, etc. At the moment the image I'm generating has password auth switched off in the default config, but obviously that means if somebody specifies a passworded user in the cloud-init config, then it won't work. As an aside is there a general move to do all the 'cloud specific config' within cloud-init rather than in the image build? ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: cloud-init (not installed) ProcVersionSignature: Ubuntu 3.2.0-30.48-generic 3.2.27 Uname: Linux 3.2.0-30-generic x86_64 ApportVersion: 2.0.1-0ubuntu13 Architecture: amd64 CheckboxSubmission: 55cafa5b8b82ed224cc59d444cb1fc25 CheckboxSystem: 3e53d3ea5811723345f19eff5070f9ab Date: Fri Sep 21 09:53:01 2012 InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012) SourcePackage: cloud-init UpgradeStatus: Upgraded to precise on 2012-05-07 (136 days ago)
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cloud-init in Ubuntu. https://bugs.launchpad.net/bugs/1053893 Title: cloud-init should be able to switch off password auth in sshd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1053893/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs