[CentOS-devel] password ssh-ing in Centos/7 Vagrant box

Rafal Skolasinski

r.j.skolasinski at gmail.com
Thu Oct 6 16:01:29 UTC 2016


*shouldn't ;)

On 6 October 2016 at 17:57, Rafal Skolasinski <r.j.skolasinski at gmail.com>
wrote:

> Hi Laurențiu,
>
> Thanks for the detailed information! I am using playbooks to create vms on a
> remote host and then I want to run another playbook to configure them.
> I want to enable password authentication only for a moment of initial
> configuration and then disable it again - I believe this should cause any
> security risk.
>
> Thanks,
> Rafal
>
>
>
> On 6 October 2016 at 17:42, Laurentiu Pancescu <lpancescu at gmail.com>
> wrote:
>
>> Hi Rafal,
>>
>> On 06/10/16 15:42, Rafal Skolasinski wrote:
>>
>>> Vagrant Image version 1607.01 introduced a nice fix for a security issue
>>> with default password for a Vagrant user.
>>>
>>> I understand that this is important, however I wanted to ask if it is
>>> possible to switch it off?
>>> I couldn't figure out a way it was introduced.
>>>
>>
>> If you want to reenable it, set PasswordAuthentication to no in
>> /etc/ssh/sshd_config, then reload sshd.  I wouldn't recommend that, since
>> the system is fully usable with passwords disabled.
>>
>>> I was using first ansible login via password to configure my vms and then
>>> switching that option off by myself anyway.
>>>
>>
>> You can still do this without enabling password authentication.  If you
>> use Vagrant's Ansible provisioner, things will just work without doing
>> anything special (this is how I work). [1]
>>
>> Alternatively, configure Ansible to connect using the private key that
>> Vagrant generates (e.g. .vagrant/machines/default/virtualbox/private_key);
>> if you'd like to use your own key for all boxes, add 'config.ssh.insert_key
>> = false' to your Vagrantfile, and replace the insecure key from your
>> playbook.
>>
>> Another way is to generate an ssh configuration file locally, via 'vagrant
>> ssh-config > my_ssh_config', and use Ansible's --ssh-common-args option to
>> pass "-F my_ssh_config" to ssh.
>>
>> Best regards,
>> Laurențiu
>>
>>
>> [1] https://www.vagrantup.com/docs/provisioning/ansible.html
>>
>
>
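The key-based route described in the quoted reply, as an added example that is not part of the original messages: a shell function that turns `vagrant ssh-config` output into an Ansible INI inventory line, so the configuration playbook logs in with the machine's private key and password authentication never has to be enabled. The function names, the sample host block and its paths are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: build an Ansible inventory from `vagrant ssh-config` output.

# Constructed sample of what `vagrant ssh-config` prints for one machine.
sample_ssh_config() {
  cat <<'EOF'
Host default
  HostName 127.0.0.1
  User vagrant
  Port 2222
  UserKnownHostsFile /dev/null
  StrictHostKeyChecking no
  PasswordAuthentication no
  IdentityFile /home/user/project/.vagrant/machines/default/virtualbox/private_key
  IdentitiesOnly yes
  LogLevel FATAL
EOF
}

# Reads ssh-config text on stdin and writes one inventory line per Host block.
# Exits non-zero if a host has no IdentityFile, because an entry without a key
# would only be reachable by password.
ssh_config_to_inventory() {
  awk '
    function flush() {
      if (host == "") return
      if (key == "") {
        printf "no IdentityFile for host %s\n", host > "/dev/stderr"; bad = 1
      } else {
        # The key path is quoted so a path containing spaces stays one token.
        printf "%s ansible_host=%s ansible_port=%s ansible_user=%s ansible_ssh_private_key_file=\"%s\"\n", host, addr, port, user, key
      }
      host = ""; addr = ""; user = ""; key = ""; port = 22
    }
    BEGIN { port = 22 }
    # Split each line into keyword (k) and the rest of the line (v), unquoted.
    { sub(/^[ \t]+/, ""); k = $1; v = $0; sub(/^[^ \t]+[ \t]+/, "", v); gsub(/^"|"$/, "", v) }
    k == "Host"                      { flush(); host = v }
    k == "HostName"                  { addr = v }
    k == "Port"                      { port = v }
    k == "User"                      { user = v }
    k == "IdentityFile" && key == "" { key = v }
    END { flush(); exit bad }
  '
}

# Demo on the constructed sample; real use: vagrant ssh-config | ssh_config_to_inventory > inventory.ini
sample_ssh_config | ssh_config_to_inventory
```

The resulting file is passed to `ansible-playbook -i inventory.ini`.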