[ec2-beta] "ubuntu" passwordless sudo

Eric Hammond ehammond at thinksome.com
Wed Jan 14 16:01:30 GMT 2009


There has been a lot of back and forth in this thread, but my current
thoughts combining some of what Jamie and Mark have said are:

- User's public key is place in /home/ubuntu/.ssh/authorized_keys

- User "ubuntu" is allowed to sudo without a password

- Ssh to root is either rejected outright, or preferably there would be
a message which directs the user to try again using ubuntu@

- When the user connects to the ubuntu account, there is a message
explaining how to sudo tasksel to easily set up standard server types.

Jamie included some technical details in his proposal:

Eric Hammond
ehammond at thinksome.com

Soren Hansen wrote:
> On Mon, Jan 12, 2009 at 11:15:48PM -0800, Eric Hammond wrote:
>> We might even consider disabling all root ssh logins on the images.
> Perhaps not explicitly disable them, but we could add a configuration
> option to the ec2-init package to put the ssh credentials in another
> users' authorized_keys instead of root's.
>> This is actually the approach I had originally considered when I
>> started building Ubuntu AMIs for EC2, but I didn't feel like I had the
>> clout to convince EC2 people to do things my way.  Perhaps Canonical
>> does :)
> I'm not sure what you're referring to? You mean using the supplied key
> to log in as another user than root?

More information about the Ec2-beta mailing list