[SOLVED] Cloud-init replaces/overwrites "PasswordAuthentication"

R

Razva

Renowned Member
Dec 3, 2013
250
8
83
Romania
cncted.com
Hello,

It seems that Proxmox's cloud-init replaces any "PasswordAuthentication" settings previously made by the user and/or by the initial OS image.

Example: we're using CentOS7's default Cloud image, which has "PasswordAuthentication yes" set by default. When inspecting the image with guestfish the /etc/ssh/sshd_config file clearly states "PasswordAuthentication yes". When running a VM on Proxmox (via cloud-init) the file is altered with "PasswordAuthentication no".

We even tried to make a custom sshd_config, it gets overwritten.

Please advise.

Thanks,
Razva
 
Razva said:
It seems that Proxmox's cloud-init replaces any "PasswordAuthentication" settings previously made by the user and/or by the initial OS image.
Click to expand...
AFAICT, the could-init settings you can set do only disable root login and set add ssh keys. No config change.

Razva said:
We even tried to make a custom sshd_config, it gets overwritten.
Click to expand...
You may check the cloud-init config on the guest, there maybe some settings that are done additionally.

EDIT: https://serverfault.com/questions/412113/aws-how-to-stop-cloud-init-from-disabling-root-login
 
Last edited:
Razva said:
There's no cloud.cfg on Proxmox. Should we generate it manually? If yes, what path should we use?
Click to expand...
This config is on the guest, not on the host.
 
As @Alwin mentioned, the solution is trivial.

1. Open the .qcow2 image with the editor of your choice. I'm using guestfish as it's the most easy to use.
2. Edit /etc/cloud/cloud.cfg in the after mentioned .qcow2 guest image, and set the following options:
Code: 
disable_root: 0
ssh_pwauth:   1
3. Use the resulting image into generating a Proxmox Template. You can use my Promox Template Generator script.
4. Clone that Template into a new VM and set the appropriate Cloud-init values. The resulting VM will allow you to connect to SSH via user/pass.
 
Last edited:
  • Like
Reactions: karnz
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back