Key-based SSH authentication for root should be enabled before changing the password, because if that fails (for example because the user hasn't generated an SSH key pair yet) having changed the root password will result in subsequent 'lcitool prepare' runs failing to access the guest.
Signed-off-by: Andrea Bolognani <abolo...@redhat.com> --- guests/tasks/base.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/guests/tasks/base.yml b/guests/tasks/base.yml index b220bb0..acdcc11 100644 --- a/guests/tasks/base.yml +++ b/guests/tasks/base.yml @@ -96,18 +96,18 @@ hostname: name: '{{ inventory_hostname }}' -- name: Configure root password and shell - user: - name: root - password: '{{ lookup("file", lookup("env", "HOME") + "/.config/lcitool/.root-password.hash") }}' - shell: '{{ bash }}' - - name: Configure ssh access for the root user authorized_key: user: root key: '{{ lookup("file", lookup("env", "HOME") + "/.ssh/id_rsa.pub") }}' state: present +- name: Configure root password and shell + user: + name: root + password: '{{ lookup("file", lookup("env", "HOME") + "/.config/lcitool/.root-password.hash") }}' + shell: '{{ bash }}' + - name: Disable password authentication for the root user lineinfile: path: /etc/ssh/sshd_config -- 2.13.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list