log in as root without specifying password on Openstack instance?

Latest response

When I did some KVM testing, I could set up ssh so that I didn't have to enter the password. Is there something like that I could do for these Openstack instances? I suppose if I never delete the instances then I could do the same thing, but I don't think that's the normal use-case scenario for openstack instances - is it?

I've created an image that has some software on it that I need to run as root. The root user has a password.

I'm able to launch an instance based on this image but when I specify the keypair file on the ssh command, it still asks me for root's password. Is there a way to get around this?

I thought using the keypair was supposed to allow for password-less login to the instance.

I just saw on this site that it says I need to use cloud-init(?). That's not mentioned in the getting started guide. It also says not to specify the keypair if an image has a static password for root.

Any pointers are appreciated,
Dave

Responses

Dave,

I think there was some discussion on the mailing list about this (that you were involved in) but just wanted to make sure I responded here as well.

https://www.redhat.com/archives/rhos-list/2013-October/msg00018.html

In short... cloud-init is a package that should be installed in your guest images prior to being loaded into Glance. Many distributions provide 'cloud ready' images (usually in qcow2 format) that already contain cloud-init installed. For example, RHEL, Fedora and Cirros images are all prepared and should work out of the box.

Some cloud images use the root user as the one for default logins, and this would be the user that gets the public key you specify copied into it as part of the first boot process in the cloud (via cloud-init retrieving the image from the metadata server). Other images (like Cirros) use a non-root user for this. If you build your own images you can include the cloud-init package and specify which user you would like to use.

cloud-init is shipped with RHEL Server and is available via the Red Hat Common RHN/CDN Channel. cloud-init is also included by default in the RHEL 6 qcow2 images that are available via RHN/CDN.

Note: The RHEL and Fedora qcow2 images disable root password login by default (since setting up a default password on images that are distributed widely would be a security problem). You can use tools like virt-sysprep (in the libguestfs-tools package in Fedora or RHEL) to set a root password. You can use a root password in conjunction with pubkey auth if you would like. The two methods are not mutually exclusive.

Hope that info helps!

Single User mode helped me to change the password to RHEL 6.5 qcoe2 image.

I did the following:

  • boot to the RHEL6.5 Instance.
  • The moment the system completes the reboot cycle keep pressing the space bar to get the GRUB menu.
  • After you observe the RedHAT Grub menu press the key "e" to edit the "kernel" line item in the grub menu.
  • Again press key "e" to edit the line & at the end type "single" (note: without quotes).
  • Now Press key "b" to boot to the Kernel.
  • After it arrives to prompt type the following:

passwd

(note: now set the password)

Then reboot the OS.

Verify and your new password is configured.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.