[ec2-beta] "ubuntu" passwordless sudo
Eric Hammond
ehammond at thinksome.com
Wed Jan 14 16:01:30 GMT 2009
Soren:
There has been a lot of back and forth in this thread, but my current
thoughts combining some of what Jamie and Mark have said are:
- User's public key is place in /home/ubuntu/.ssh/authorized_keys
- User "ubuntu" is allowed to sudo without a password
- Ssh to root is either rejected outright, or preferably there would be
a message which directs the user to try again using ubuntu@
- When the user connects to the ubuntu account, there is a message
explaining how to sudo tasksel to easily set up standard server types.
Jamie included some technical details in his proposal:
https://lists.ubuntu.com/mailman/private/ec2-beta/2009-January/000079.html
--
Eric Hammond
ehammond at thinksome.com
Soren Hansen wrote:
> On Mon, Jan 12, 2009 at 11:15:48PM -0800, Eric Hammond wrote:
>> We might even consider disabling all root ssh logins on the images.
>
> Perhaps not explicitly disable them, but we could add a configuration
> option to the ec2-init package to put the ssh credentials in another
> users' authorized_keys instead of root's.
>
>> This is actually the approach I had originally considered when I
>> started building Ubuntu AMIs for EC2, but I didn't feel like I had the
>> clout to convince EC2 people to do things my way. Perhaps Canonical
>> does :)
>
> I'm not sure what you're referring to? You mean using the supplied key
> to log in as another user than root?
>
>
More information about the Ec2-beta
mailing list