[CentOS-devel] password ssh-ing in Centos/7 Vagrant box
Laurențiu Păncescu
lpancescu at gmail.comThu Oct 6 18:30:31 UTC 2016
- Previous message: [CentOS-devel] [Non-DoD Source] Re: password ssh-ing in Centos/7 Vagrant box
- Next message: [CentOS-devel] password ssh-ing in Centos/7 Vagrant box
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Rafal, On Thu, Oct 6, 2016 at 5:57 PM, Rafal Skolasinski <r.j.skolasinski at gmail.com > wrote: > Thanks for detailed information! I am using playbooks to create vms on a > remote host and then I want to run another playbook to configure them. > For me, the most amazing feature of Vagrant was to be able to use just one Vagrantfile to control both local development VMs, to production servers, and to change from one to the other with just one command. There are Vagrant plugins for pretty much every provider with an API: big "cloud" providers like AWS, Google Cloud or Azure, VPS hosters like Digital Ocean, Vultr or Linode, and also other cloud solutions like OpenShift, OpenStack and CloudStack. You can also use the libvirt plugin with both local and remote servers, it comes with plugins for most virtualization providers and Docker, and there's even a plugin for dedicated servers (when there's no API for controlling their creation and destruction). Being able to do: vagrant up --provider virtualbox vagrant up --provider aws vagrant up --provider digitalocean and move seamlessly between providers, provisioning everything with Ansible, is just priceless. I wouldn't go back to plain Ansible and writing dynamic inventory scripts. > I want to enable password authentication only for a moment of initial > configuration and then disable it again - I believe this should[n't] cause > any security risk. > The risk is small, but not zero. If someone's script hits your server in a critical moment, your server becomes his. This is not just theoretical: during Blaster (a Windows worm), a former colleague had installed Windows 2000 more than 12 times, and went directly to download the hotfix from Microsoft, which took less than a minute - and got infected every single time. And I've heard people complaining about getting hacked in the first 5 minutes after imaging a new Linux VPS, before they had the time to disable password logins (they had chosen their own passwords - apparently not that unique). But that's for you to decide - good luck! :) Best regards, Laurențiu -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20161006/97414b84/attachment-0004.html>
- Previous message: [CentOS-devel] [Non-DoD Source] Re: password ssh-ing in Centos/7 Vagrant box
- Next message: [CentOS-devel] password ssh-ing in Centos/7 Vagrant box
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list