Skip to content
This repository has been archived by the owner on Jul 4, 2024. It is now read-only.

Root SSH access is not available in all images #87

Open
aegiap opened this issue Jan 6, 2015 · 3 comments
Open

Root SSH access is not available in all images #87

aegiap opened this issue Jan 6, 2015 · 3 comments
Assignees
@kalou

Comments

@aegiap
Copy link
Contributor

aegiap commented Jan 6, 2015

In some OS images, the SSH server is setup to only allow root connection with SSH public key. When a user create a VM (gandi vm create ...) without SSH public key but with a login, the root account is setup with this password, but the user cannot connect to the VM using SSH. Moreover the gandi vm create ... command cannot automatically SSH to the VM.

If the user use the --login and no --sshkey params in the CLI command, we could try to auto-SSH the VM after the creation of the VM with the login as parameter instead of using 'root' in all cases.
@aegiap
Copy link
Contributor Author

aegiap commented Jan 6, 2015

Possible patch to fix some use-case of this issue:

diff --git a/gandi/cli/modules/iaas.py b/gandi/cli/modules/iaas.py
index 412f296..f7f7908 100644
--- a/gandi/cli/modules/iaas.py
+++ b/gandi/cli/modules/iaas.py
@@ -308,13 +308,16 @@ class Iaas(GandiModule, SshkeyHelper):
         if vm_id and ip_version:
             cls.wait_for_sshd(vm_id)
             cls.ssh_keyscan(vm_id)
+            ssh_login = 'root'
+            if login:
+                ssh_login = login
             if script:
-                ret = cls.scp(vm_id, 'root', None, script, '/var/tmp/gscript')
+                ret = cls.scp(vm_id, ssh_login, None, script, '/var/tmp/gscript')
                 if not ret:
                     cls.error('Failed to scp script %s to VM %s (id: %s)' %
                               (script, hostname, vm_id))

-            ret = cls.ssh(vm_id, 'root', None, script and ['/var/tmp/gscript'])
+            ret = cls.ssh(vm_id, ssh_login, None, script and ['/var/tmp/gscript'])
             if not ret and (script and ['/var/tmp/gscript']):
                 cls.error('Failed to execute script %s on VM %s (id: %s)' %
                           ('/var/tmp/gscript', hostname, vm_id))

@sayoun
Copy link
Contributor

sayoun commented Jan 7, 2015

@kalou can you please validate this ?

@kalou
Copy link
Contributor

kalou commented Jan 8, 2015

The --script option is a temporary helper and should go into an api call someday.
However the use case "create a vm, deploy something as root on it, but also create a login" is broken with this. So we have to decide here if people will be complaining sooner than we APIze this feature.

The story "I'm logging in as the user if I specify one" is OK for me.

Your patch does not seem to apply on master -
You dont need that ssh_login extra variable here.

We have this line somewhere above the ssh part:

        if 'ssh_key' not in vm_params and 'keys' not in vm_params:
            return

That I think you also want to remove for this to work.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@kalou kalou

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aegiap @sayoun @kalou