Sorry for chiming in with an unsolicited opinion, but I just stumbled on Jan's patch as I was searching exactly for that kind of functionality. :)
I'm currently using `vmdebootstrap` (it is awesome, thanks!) to set up an ephemeral VM used as the test environment for the ansible playbook of a production server. I totally understand the need to keep the number of options down, but I still think that Jan's patch makes the right thing easier to do (that is, rely on key auth for privileged access), in particular in light of the fact that `sshd_config` defaults to `PermitRootLogin without- password` (which has now been renamed to `prohibit-password` and basically prevents password-based SSH access). This means that at the moment there doesn't seem to be any good option to get automated root access without using a custom script: * `--root-password` is useless due to the ssh config default * no straightforward way to to install a ssh key for root * using an unprivileged user and `sudo` works, but makes key-based auth useless as `sudo` would still ask for the password The only solution currently available is thus using a customization script, but Jan's option would make this *much* easier, and I think reducing friction on the most secure path would be worth the pain of having an additional option. :) (Honestly I think such an option would be in fact be *more* useful than the current root/user-related options, once you have a secure key-based root connection you can easily set up the root password, other accounts, etc., manually or using chef/ansible/whatever, but of course those options cannot be dropped for compatibility reasons)