[CentOS-devel] password ssh-ing in Centos/7 Vagrant box
r.j.skolasinski at gmail.com
Thu Oct 6 15:57:30 UTC 2016
Thanks for detailed information! I am using playbooks to create vms on a
remote host and then I want to run another playbook to configure them.
I want to enable password authentication only for a moment of initial
configuration and then disable it again - I believe this should cause any
On 6 October 2016 at 17:42, Laurentiu Pancescu <lpancescu at gmail.com> wrote:
> Hi Rafal,
> On 06/10/16 15:42, Rafal Skolasinski wrote:
>> Vagrant Image version 1607.01 introduced a nice fix for a security issue
>> with default password for a Vagrant user.
>> I understand that this is important, however I wanted to ask if it is
>> possible to switch it off?
>> I couldn't figure out a way it was introduced.
> If you want to reenable it, set PasswordAuthentication to no in
> /etc/ssh/sshd_config, then reload sshd. I wouldn't recommend that, since
> the system is fully usable with passwords disabled.
> I was using first ansible login via password to configure my vms and then
>> switching that option off by myself anyway.
> You can still do this without enabling password authentication. If you
> use Vagrant's Ansible provisioner, things will just work without doing
> anything special (this is how I work). 
> Alternatively, configure Ansible to connect using the private key that
> Vagrant generates (e.g. .vagrant/machines/default/virtualbox/private_key);
> if you'd like to use your own key for all boxes, add 'config.ssh.insert_key
> = false' to your Vagrantfile, and replace the insecure key from your
> Another way is to generate a ssh configuration file locally, via 'vagrant
> ssh-config > my_ssh_config', and use Ansible's --ssh-common-args option to
> pass "-F my_ssh_cfg" to ssh.
> Best regards,
>  https://www.vagrantup.com/docs/provisioning/ansible.html
> CentOS-devel mailing list
> CentOS-devel at centos.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the CentOS-devel