spread: work around SSH password authentication disabled by livecd-ro…

…otfs In recent images, livecd-rootfs may be disabling SSH password authentication by default, with the intention that cloud-init would enabled that by placing a higher priority file under /etc/sshd/sshd_config.d/. See https://git.launchpad.net/livecd-rootfs/commit/live-build/ubuntu-cpc/hooks.d/chroot/052-ssh_authentication.chroot?id=480d5b26ea97e0bfebac8aedfa1f2bf7286f027a for reference. Do the same as cloud-init would a drop a higher priority config overriding relevant SSHD settings. Signed-off-by: Maciej Borzecki <[email protected]>
canonical · Mar 13, 2024 · a86ce42 · a86ce42
1 parent ded9133
commit a86ce42
Showing 1 changed file with 10 additions and 0 deletions.
diff --git a/spread/lxd.go b/spread/lxd.go
@@ -482,6 +482,16 @@ func (p *lxdProvider) serverJSON(name string) (*lxdServerJSON, error) {
 func (p *lxdProvider) tuneSSH(name string) error {
 	cmds := [][]string{
 		{"sed", "-i", `s/^\s*#\?\s*\(PermitRootLogin\|PasswordAuthentication\)\>.*/\1 yes/`, "/etc/ssh/sshd_config"},
+		// provide a higher priority drop in with our overrides
+		{"/bin/bash", "-c", `
+if [ -d /etc/ssh/sshd_config.d ]; then
+    cat <<EOF > /etc/ssh/sshd_config.d/01-spread-overrides.conf
+PermitRootLogin yes
+PasswordAuthentication yes
+EOF
+fi
+`[1:],
+		},
 		{"/bin/bash", "-c", fmt.Sprintf("echo root:'%s' | chpasswd", p.options.Password)},
 		{"killall", "-HUP", "sshd"},
 	}