| m.tremer | |
| Nov 13 2018, 2:37 PM |
| F266751: 0001-AWS-Fix-default-configuration.patch | |
| Nov 21 2018, 7:44 PM |
Hello,
I am deploying VyOS 1.2.x on AWS using the build-ami scripts. In September, SSH login was working perfectly fine. Now, I cannot log in with the SSH key chosen when launching the instance.
Have there been any changes to the login process (I tried various usernames)? I could reproduce this down to 1.2.0-rc5.
Port is open, SSH is responding. Public key authentication is enabled.
Do you also create the iso yourself or dowload it?
In 1.2 we will be using cloud-init and the ec2 init script was removed.
Please try to build the aws iso from vyos-build and use sudo make AWS
instead of sudo make iso.
If you use you own debian jessie build server please update live-build to
debian stretch version (uefi changes) or better yet use Docker.
Op di 13 nov. 2018 15:37 schreef m.tremer (Michael Tremer) <
[email protected]>:
Thanks for your reply.
Yes, I am aware of that I suspect that this is where the problem is.
Please try to build the aws iso from vyos-build and use sudo make AWS
instead of sudo make iso.
I did not build the ISO myself. I used the official RC builds and rolling releases for testing.
I cannot reproduce this on bare-metal. After setting eth0 to DHCP, enabling SSH and adding a key I could log in with that key via SSH.
This is the configuration I used:
vyos@vyos:~$ show configuration
interfaces {
ethernet eth0 {
address dhcp
}
loopback lo {
}
}
service {
ssh {
port 22
}
}
system {
config-management {
commit-revisions 100
}
console {
device ttyS0 {
speed 9600
}
}
host-name vyos
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
public-keys mykey {
key ****************
type ssh-ed25519
}
}
level admin
}
}
ntp {
server 0.pool.ntp.org {
}
server 1.pool.ntp.org {
}
server 2.pool.ntp.org {
}
}
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
}
}That's why it either has something to do with the default configuration that build-ami is installing (and where I cannot see anything that doesn't look right) or cloud-init importing something wrong. However, I have no chance to see what configuration is applied by cloud-init (very easily).
build-ami is obsolete and never was intended for 1.2 but 1.1
therefore it will not start work and will be removed at some point in favor of aws target
Okay, that is good to know. Unfortunately documentation is heavily outdated. However, I found a fix for this problem which I attached to this message as a patch.
The default vyos user was just missing when an image was being created with "make AWS".
@m.tremer added the patch, thanks... was under the impression cloud-init added the user as it is stated as default user, but clearly it does not.