maybe Vagrant developers should update their documentation, in https://www.vagrantup.com/docs/boxes/base.html, that or we are talking about different thigs.
<https://www.vagrantup.com/docs/boxes/base.html#quot-vagrant-quot-user> "vagrant" User By default, Vagrant expects a "vagrant" user to SSH into the machine as. This user should be setup with the insecure keypair <https://github.com/hashicorp/vagrant/tree/master/keys> that Vagrant uses as a default to attempt to SSH. Also, even though Vagrant uses key-based authentication by default, it is a general convention to set the password for the "vagrant" user to "vagrant". This lets people login as that user manually if they need to. To configure SSH access with the insecure keypair, place the public key into the ~/.ssh/authorized_keys file for the "vagrant" user. Note that OpenSSH is very picky about file permissions. Therefore, make sure that ~/.ssh has 0700 permissions and the authorized keys file has 0600 permissions. When Vagrant boots a box and detects the insecure keypair, it will automatically replace it with a randomly generated keypair for additional security while the box is running. » <https://www.vagrantup.com/docs/boxes/base.html#root-password-quot-vagrant-quot-> Root Password: "vagrant" Vagrant does not actually use or expect any root password. However, having a generally well known root password makes it easier for the general public to modify the machine if needed. Publicly available base boxes usually use a root password of "vagrant" to keep things easy. On Wed, May 16, 2018 at 6:25 PM, Alvaro Miranda Aguilera <[email protected]> wrote: > Hello > > This is wrong: > > " > if you set it to true, there at the initial provision of the box, vagrant > will connect to the box using default user/password (which are vagrant, > vagrant or ubuntu, ubuntu), and after that install ssh keys, in the host > and ~.ssh/authorized keys of the guest box instance, and afterwards will > disable user password interactive login." > > Vagrant doesn't work in that way. > > Vagrant by default doesn't use user/pass use the insecure key. > > if you want to re-share a box, the easiest way is: > > - create your own box > - tell the intermediate box to keep the insecure keys. > > any other option will be overcomplicating things. > > take note the original user is asking to re-share a box, not a vagranfile > project. > > Alvaro. > > On Wed, May 16, 2018 at 6:53 PM, Mário Costa <[email protected]> > wrote: > >> Hi again, >> >> Why do you need " config.ssh.insert_key = false", check here what it >> does: https://www.vagrantup.com/docs/vagrantfile/ssh_settings.html >> >> if you set it to true, there at the initial provision of the box, vagrant >> will connect to the box using default user/password (which are vagrant, >> vagrant or ubuntu, ubuntu), and after that install ssh keys, in the host >> and ~.ssh/authorized keys of the guest box instance, and afterwards will >> disable user password interactive login. >> >> This is pretty secure if you are accessing and provisioning the box >> within your host pc, having e.g. virtualbox nat network. I'm not 100% sure >> that default user/pass are disabled for all boxes, but if you are not >> exposing your boxes via bridged network then its ok, I guess. >> >> These are my 5 cents on the issue, but still I don't understand, wy you >> set "config.ssh.insert_key = false" instead of letting your vagrant deal >> with the key generation automatically, by setting the default >> "config.ssh.insert_key = true" >> >> My use case I, just distribute a Vagrantfile with the box and a set of >> provisioning scripts under /scripts directory, that are invoked from the >> Vagrantfile, shell provisioner. >> >> Then, users just do, vagrant up && vagrant ssh, and its working in their >> local machines. >> >> >> On Wed, May 16, 2018 at 4:49 PM, Alvaro Miranda Aguilera < >> [email protected]> wrote: >> >>> Hello >>> >>> If you have problems understanding the chicken egg that happens here is >>> good to slow down, and take a look at the bigger picture. >>> >>> 1. build your own box thats fit for the task you need >>> 2. share it >>> 3. profit >>> >>> simple as that. >>> >>> If you are able to vagrant up / vagrant ssh the initial box, then the >>> part when the box "become un-usable" is on your side of tasks >>> >>> I would suggest. >>> >>> A. use config.ssh.insert_key = false >>> B. vagrant up from a box you want to share >>> C. ensure you follow OS guidelines to create a template >>> D. package the box and share >>> >>> >>> Depending on the OS, you need to do something to bring the box to a >>> clean state. >>> >>> >>> Thanks >>> Alvaro. >>> >>> On Wed, May 16, 2018 at 1:04 PM, 'ben wyatt' via Vagrant < >>> [email protected]> wrote: >>> >>>> Seriously - I have been trying for 4 days non-stop. >>>> >>>> What I would like to do: >>>> >>>> 1. Download minimal/centos7 >>>> 2. Update yum, install python-pip & ansible, update vboxguestadditions >>>> 3. Package >>>> 4. Upload to share site >>>> 5. User downloads and does NOTHING apart from 'vagrant up' and 'vagrant >>>> ssh', no ssh-keygen shenanigans or downloading the public insecure key >>>> >>>> Obviously as I am sure you can imagine, there are all sorts of ssh >>>> issues rendering it impossible to share the box. A shared box should be >>>> like a clean install for anyone downloading it - just like when one >>>> downloads minimal/centos7 - no messing about with keys or whatever - just >>>> vagrant up && vagrant ssh and you are in. >>>> >>>> config.ssh.insert_key = false - obviously doesn't work >>>> >>>> Vagrant is a great idea - why have they completely fecked it with this >>>> idiotic ssh nonsense!!! >>>> >>>> Any help would be hugely appreciated!!!! >>>> >>>> Many thanks in advance, >>>> >>>> Ben >>>> >>>> -- >>>> This mailing list is governed under the HashiCorp Community Guidelines >>>> - https://www.hashicorp.com/community-guidelines.html. Behavior in >>>> violation of those guidelines may result in your removal from this mailing >>>> list. >>>> >>>> GitHub Issues: https://github.com/mitchellh/vagrant/issues >>>> IRC: #vagrant on Freenode >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "Vagrant" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit https://groups.google.com/d/ms >>>> gid/vagrant-up/eced5bae-1d6e-4ac2-8628-f18f0665cf90%40googlegroups.com >>>> <https://groups.google.com/d/msgid/vagrant-up/eced5bae-1d6e-4ac2-8628-f18f0665cf90%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >>> >>> -- >>> Alvaro >>> >>> -- >>> This mailing list is governed under the HashiCorp Community Guidelines - >>> https://www.hashicorp.com/community-guidelines.html. Behavior in >>> violation of those guidelines may result in your removal from this mailing >>> list. >>> >>> GitHub Issues: https://github.com/mitchellh/vagrant/issues >>> IRC: #vagrant on Freenode >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "Vagrant" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit https://groups.google.com/d/ms >>> gid/vagrant-up/CAHqq0ezFJVVTrZ4NgT%2BpsZnZrn-p%3D1Ou3BXiRRB3 >>> O1k47B%3DYbA%40mail.gmail.com >>> <https://groups.google.com/d/msgid/vagrant-up/CAHqq0ezFJVVTrZ4NgT%2BpsZnZrn-p%3D1Ou3BXiRRB3O1k47B%3DYbA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/vagrant/issues >> IRC: #vagrant on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Vagrant" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit https://groups.google.com/d/ms >> gid/vagrant-up/CALGGjJYz8gT9h73cUNhh8nhS4StUNnYn%3DJ%2BN9E% >> 2Bwga7JCZkqow%40mail.gmail.com >> <https://groups.google.com/d/msgid/vagrant-up/CALGGjJYz8gT9h73cUNhh8nhS4StUNnYn%3DJ%2BN9E%2Bwga7JCZkqow%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Alvaro > > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/vagrant/issues > IRC: #vagrant on Freenode > --- > You received this message because you are subscribed to the Google Groups > "Vagrant" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/vagrant-up/CAHqq0ezsFpkd9EOZQpyWTNnLVJW%3DP1X2RhuyaZQNxFhTrt7BVA% > 40mail.gmail.com > <https://groups.google.com/d/msgid/vagrant-up/CAHqq0ezsFpkd9EOZQpyWTNnLVJW%3DP1X2RhuyaZQNxFhTrt7BVA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/vagrant/issues IRC: #vagrant on Freenode --- You received this message because you are subscribed to the Google Groups "Vagrant" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/CALGGjJa4eXepQPFOGQmDSLqHed%3DoHkHAoXtpjtT30fferzNEzg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
