Hello Karanbir,
My assumption was that people would ssh-key login via root, after using the metadata service to inject a ssh-key; is that an unfair assumption here ?
Right, this should be the normal case.
The thought of having a pre-setup root password in images that might make it to public interfaces is a bit unsettling.
So the current image already disables password login for ssh. And I think Nux is right to also remove the root password in /etc/shadow completely.
For the "problem case" where e.g. ssh over the network might be broken then cloud-init needs to inject a root password or something similar to allow for console access.
For people now looking at the new OpenStack Havana release: If you want to setup your own test cloud ontop of CentOS-6.4, please have a look at http://jur-linux.org/testwiki/index.php/CloudLinux/OpenStack
this looks like a good resource - both for people starting off and for people looking at references specific for the EL base. We could do with something like this at wiki.centos.org/Cloud/OpenStack - fancy hacking that up ?
If I get the right access, I'd be happy to move information over to the centos wiki.
P.S.: Will the script to setup this CentOS image also be available to allow for many stable/customized versions to show up?
yes, I might have cleaned up the kickstarts; but in future builds those should still be in place. The image is built from an anaconda run, and not a loop mounted package injection process.
Looking forward to these.
best regards,
Florian La Roche