diff --git a/modules/creating-custom-live-rhcos-iso.adoc b/modules/creating-custom-live-rhcos-iso.adoc index de00b216fbb3..be3121ec7bef 100644 --- a/modules/creating-custom-live-rhcos-iso.adoc +++ b/modules/creating-custom-live-rhcos-iso.adoc @@ -22,67 +22,36 @@ You can create a live {op-system} ISO with SSHd enabled and with predefined cred . Create the `embedded.yaml` file that the `butane` utility uses to create the Ignition file: + -[source,yaml] +[source,yaml,subs="attributes+"] ---- -variant: rhcos -version: 0.1.0 +variant: openshift +version: {product-version}.0 +metadata: + name: sshd + labels: + machineconfiguration.openshift.io/role: worker passwd: users: - - name: root + - name: core <1> ssh_authorized_keys: - '' - password_hash: '$2b$05$aAd9TkvWnvUmeDQEA9vkiOoCqCZgd6cWn0xXwe.ii/TqeCxUC0Z0G' <1> -storage: - files: - - path: /etc/ssh/sshd_config - contents: - local: ./live-sshd_config - mode: 0600 - overwrite: true ---- -<1> `yescrypt` passwords are not supported in {op-system}. Use `bcrypt` instead when you create the `password_hash`. +<1> The `core` user has sudo privileges. -. Create the `files-dir/` folder and copy the default `sshd_config` file into the folder. - -. Update the following fields in the `files-dir/sshd_config` file: -+ -[source,bash] ----- -[...] -PermitRootLogin yes <1> -[...] -PasswordAuthentication yes <2> ----- -<1> Allows access to the server as a root user. -<2> Allows access to the server by using a password. - -+ -[IMPORTANT] -==== -The modified `sshd_config` file overrides the default `sshd_config` file. -==== - -. Pass the YAML file and the folder to the `butane` utility: -+ -[source,terminal] ----- -$ butane -p embedded.yaml -d files-dir/ > embedded.ign ----- - -. Once the Ignition file is created, you can include the configuration in a new live {op-system} ISO, which is named `rhcos-sshd-4.12.0-x86_64-live.x86_64.iso`, with the `coreos-installer` utility: +. Once the Ignition file is created, you can include the configuration in a new live {op-system} ISO, which is named `rhcos-sshd-{product-version}.0-x86_64-live.x86_64.iso`, with the `coreos-installer` utility: + -[source,terminal] +[source,terminal,subs="attributes+"] ---- -$ coreos-installer iso ignition embed -i embedded.ign rhcos-4.12.0-x86_64-live.x86_64.iso -o rhcos-sshd-4.12.0-x86_64-live.x86_64.iso +$ coreos-installer iso ignition embed -i embedded.ign rhcos-{product-version}.0-x86_64-live.x86_64.iso -o rhcos-sshd-{product-version}.0-x86_64-live.x86_64.iso ---- .Verification . Check that the custom live ISO can be used to boot the server by running the following command: + -[source,terminal] +[source,terminal,subs="attributes+"] ---- -# coreos-installer iso ignition show rhcos-sshd-4.12.0-x86_64-live.x86_64.iso +# coreos-installer iso ignition show rhcos-sshd-{product-version}.0-x86_64-live.x86_64.iso ---- + @@ -96,26 +65,12 @@ $ coreos-installer iso ignition embed -i embedded.ign rhcos-4.12.0-x86_64-live.x "passwd": { "users": [ { - "name": "root", - "passwordHash": "$2b$05$aAd9TkvWnvUmeDQEA9vkiOoCqCZgd6cWn0xXwe.ii/TqeCxUC0Z0G", + "name": "core", "sshAuthorizedKeys": [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCZnG8AIzlDAhpyENpK2qKiTT8EbRWOrz7NXjRzopbPu215mocaJgjjwJjh1cYhgPhpAp6M/ttTk7I4OI7g4588Apx4bwJep6oWTU35LkY8ZxkGVPAJL8kVlTdKQviDv3XX12l4QfnDom4tm4gVbRH0gNT1wzhnLP+LKYm2Ohr9D7p9NBnAdro6k++XWgkDeijLRUTwdEyWunIdW1f8G0Mg8Y1Xzr13BUo3+8aey7HLKJMDtobkz/C8ESYA/f7HJc5FxF0XbapWWovSSDJrr9OmlL9f4TfE+cQk3s+eoKiz2bgNPRgEEwihVbGsCN4grA+RzLCAOpec+2dTJrQvFqsD alosadag@sonnelicht.local" ] } ] - }, - "storage": { - "files": [ - { - "overwrite": true, - "path": "/etc/ssh/sshd_config", - "contents": { - "compression": "gzip", - "source": "data:;base64,H4sIAAAAAAAC/4RXX2/bOBJ/16eYWy2QFoj/pdtDN8A9qI6SGLEdw3b22qeAlsY21xQpkJQd3cN99sUMZcUuvFsXbUXO8Mf5P8MYwu/X5xL118XdLTi3zV8zo9dyc72HQXfQ/wQ3/cGXXv+3Xv93uOnf/ja4vbkB/yekbyX8GkUxLLfSgXTgt8jnwaHdowVXO49F5yBzhABZWeGl0bCWCrsAC8QoPr3yw+ePsDYWCmMRpF4bW/CBbnsN4x+Eg8wUpVSYw0H6LcyS5eN/epWzPWUyoXorqW952X6Efdeu6SugIjhvhcdNDZXDnAUwJV3rQGrWKse1qJQ/FRXcVpZlc38UA1lwsXhkOxhwJWZyXbc4LKTforQt1l6oCuGwRUtGKI1zcqXwGlaVB4Vij8RfkJ4Fao95F+BFt6sW2ezRWrKw3xLOGTqbbbSG2lRwENqTZNlW6A1zQ2msB6NBwCIdS129NR675gNbFsGAR6WiuGURK1N58OSLANUlF2IhtNg0kB0BHbbVKy1fPXRK8FkJ8ex5vpy+TL6m8yiO4hnx3txEcZLnFp27F4VUNQhdR/FYOo+6IUC/y39+3L69jaJH4/wT1tBDn/Wc29Lf161x/tU68brD+h84MMt/zpPffP48+J25ohiGstyidSB0Djuspd5E8Rx3WI9lIX1rfW00vocsG5UCY22UMgepN+epYevSGyiNklnd5YAMlqVIiuKWbk2J1kt08KER4xomydBdQ7fb/QgHqRRo44PjhK4B12vMPFCEdUOk14FrhcewyVHDquYgEzrvKKmxjaxSOEoHCgHKEc7pKKaAadiB2Al5plA4vIZsi9kOCqEroaAUpAElU1XmwmMn6NFhPSW6D18+shnP059Ddmw2GzbtonbKbO5FJpX0NSQvy8fowt5sPvojisdmM8Y9KhhN758JJqn8FrWXGdeQ24hZpH6wIsOlLBBuimiGtpB+boxnGtToonjhrcz8xOTowsZEvBHY0pL1/83rBTrHZhr0oyieVasd1ucX8tGmwhwDI1SHYKeV8VvoUrSJym+Nlf/DnOIsRNclwk0Uc3nwTcE9caIzILXzQilxrDhKgdGqbm67hBcl7foJa3cvFYZ+cJE5it/ZZ1bqTJZChUNNvJ/DDZsoYeJl2otDC9qsTM7ZdW9s0M0bOBi7C4WLFBHKGdCIOVBWAltJ6vN83Wlz0Jy1Loopo1fCYf6DTzRl1LCpgYZcBDIUyNzoKw/eVs7D/3tsgRNECuQohr+BjeLRRhuLpM8THXrkM3zZHeNaFDnnUeXQXjm6wQZgMhHd11wjFQVcgJuHvWMcGcilEyuF4CutkZpfplBY8PjmOV0Pxubuuq3xBrTh9P9XFM8a8oUYjUMSpEXp6yMbC/8PZ86sqA39exTO9XZYv4sTxcOtUAr1BufoSqMdXsD7GY82dOUT2hVa4441KoqPOxfcfCQ92zH1flYmDwofSUuZ7dAPFQpdleekB/TJ/WJpdniO9uLwiXxodkc7PCwWyWzUihSWF1QMhOayocWc6EKFMAnEUHiSLMPSGzvkxGWpAvkJ6/Stce77oVST2XefSSrXGGqBvs2kqxrdFX0gM8IsmYA4E+8aRJaZSntqMhkVNr25juJQnkOdO6F0aaQ4lqCAmV9fQOXMpYqFIKjvUS/ZWlNteBKCn3lc6Jxay8UQ7ALcYYk6p15K5jWVZQnOxkxS4YJYeyl+enkhaljVFMNR3LQ/7/myNfzyY8+g4c5UvnMM+V+672PXn1ROwuy1bUzfmPrUuFyi2Vm2avEuSn9NOProSvYCdQSH/m9M1bjxZwpTnGhzRZL/N5lPR9OHW7h6cUgSaHNFrqbZwlUlzXSYU/W9x9xYwfBkr0xUjgy1RyvI76U1K4WF60YNTsiXhGIh2aD298YehGUfcpAzZZmVP+4/CI8HUdO8yPH9bTD4keXbYHAnXalE/bxekzEGfd58ccjJz13jpNYtl9+P6TvirmwxjNZ5mHhIk1IUr4XxedtoSlF08x6/QKjXUkU3a6BW6CfG55wxDiTj8QumjUbyFZlpj9YJL9lzIjwtVpVUviM10/ip0wKGXOblWDgKtqDCcjh7QiwTJfd4qhR1n1TvpTWaHglcIoamKG0TZTkqUWMeDZVE7fn4SHu0e6Fg8KUfxSeEIcXoRLzBpyh+cXg3XTDcTObc8Ht7YXu20myNbinzMBN5YX1V0kx0+6l/O+j3W3tzwwoSba0x/k5azLyxdTMe/BG0T2iYyauinaC1aWenldAaLZSC3ltfw+LIFkom8CMPOxaVoBjFE2PshZXkBxcF3lTvYZxMH2A8fB0uv89S+pi+TNL5aEify9GEt4bP43Gy5M/J8zRdJvPv/J0uFslDujhFG77Oklk6Z6AknE7u7ubpYsGA6TidPT5PA1SaLF7m6SSdLs8RRnfpdDm6Hw2T5eh5yhDjMQv6kjykJ7zfJs93o/tROl+Q/u0r8GgssybTuWoVXhouWhw/mye/W/uS/g+PY7nCN8x6pkTN49Tal51m4o9iSN9EUSok0OYifsOEkujCE7JE26EOBCvhJI/MPtsCD3hCG53tqZKG33n+8pAUfhcKwAn1PXNPNu+NzfA4aWZ7d3yn/BUAAP//SwsNmNoQAAA=" - }, - "mode": 384 - } - ] } } ----- \ No newline at end of file +----