Public bug reported: When cloud-init runs, it populates root's .ssh/authorized_keys with an entry like: no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"ubuntu\" rather than the user \"root\".';echo;sleep 10" ssh-rsa A....dLQ0= nova@dziban
That blocks login as root with that key, and provides the user with a message saying to login as the "ubuntu" user instead. This is a security choice made by Ubuntu, and nova is overriding that choice by inserting the key into /root/.ssh/authorized_keys when the image is being built. Personally, I think that disks provided to nova should be provided to the guest 100% unmodified in all cases, but at very least, this needs to be configurable. ProblemType: Bug DistroRelease: Ubuntu 11.10 Package: nova-compute 2011.3~d4~20110812.1417-0ubuntu1 ProcVersionSignature: Ubuntu 3.0.0-9.14-virtual 3.0.3 Uname: Linux 3.0.0-9-virtual i686 Architecture: i386 Date: Thu Aug 25 03:19:39 2011 PackageArchitecture: all ProcEnviron: LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: nova UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: nova (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug ec2-images i386 oneiric uec-images -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nova in Ubuntu. https://bugs.launchpad.net/bugs/833499 Title: virt/disk.py unconditionally inserts public_keys into /root/.ssh/authorized_keys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/833499/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs