lgcosta
November 3, 2015, 11:23pm
1
I’m trying all possible ways to change the default sshd port. I have tried to create the sshd_config file in the cloud-config.yml file, but without success.
write_files:
  - path: /etc/ssh/sshd_config
    permissions: 0600
    owner: root:root
    content: |
      Port 2222
      AuthorizedKeysFile .ssh/authorized_keys
      UsePrivilegeSeparation sandbox # Default for new installations.
      ClientAliveInterval 180
      Subsystem sftp /usr/libexec/sftp-server
      UseDNS no
      PermitRootLogin no
      AllowGroups docker
I did not find information on how to do this via ros config. Can anyone help me?
1 Like
@lgcosta I’m afraid this is not currently possible, because sshd_config is now rewritten by the console container start script after the cloud-init execute phase is run.
Maybe we’ll change it in v0.4.1: https://github.com/rancher/os-images/pull/36
1 Like
lgcosta
November 10, 2015, 7:59pm
3
Thanks for the reply, @imikushin. As a palliative measure, I’m doing as follows:
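sudo mkdir -p /opt/rancher/bin
# The heredoc below is unquoted, so the backslashes keep the command
# substitution and awk's field reference from being expanded while
# start.sh is being written.
sudo bash -c 'cat <<EOF > /opt/rancher/bin/start.sh
#!/bin/bash
sudo sed -i "s/#Port 22/Port 2222/" /etc/ssh/sshd_config
sudo kill -HUP \$(ps ax | grep "sshd -D" | grep -v grep | awk "{ print \\\$1 }")
EOF'
sudo chmod +x /opt/rancher/bin/start.sh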
This is working
lgcosta
November 10, 2015, 9:52pm
4
The best place is in the cloud-config.yml:
write_files:
  - path: /opt/rancher/bin/start.sh
    permissions: "0755"
    owner: root
    content: |
      #!/bin/bash
      # Switch the commented-out default port to 2222
      sudo sed -i "s/#Port 22/Port 2222/" /etc/ssh/sshd_config
      # Send SIGHUP to the running sshd so it re-reads its configuration
      sudo kill -HUP $(ps ax | grep "sshd -D" | grep -v grep | awk '{ print $1 }')
carloss
November 23, 2015, 11:20am
6
Hello,
What is the current status of this in 0.4.1? Will the original OP’s solution work now?
Karel
denise
November 23, 2015, 6:55pm
7
The issue mentioned above was merged before we cut v0.4.1, so it should be available. @imikushin Please let me know if I’m mistaken.
rancher:master
← imikushin:cloud-init-exec-later
opened 09:12AM - 09 Nov 15 UTC
carloss
November 23, 2015, 9:52pm
8
Yes, I can confirm it works now!
Just one thing:
permissions: 0600 will not be accepted! It has to be changed to permissions: "0600"
It is a mystery to me why so many cloud-init examples have missing quotes there. write_files won’t work at all if those quotes are missing (spent 2 hours debugging this!)
1 Like
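A pre-flight check for the quoting problem reported in the last post, as an added example that is not part of the thread or of RancherOS. The function names and sample files are made up for illustration, and the check is line-based (it does not parse YAML).

```shell
#!/bin/sh
# Pre-flight check for cloud-config.yml: every "permissions:" value must be a
# quoted octal string such as "0600". Prints "LINE: text" for each offender
# and returns 1 if any were found, 0 otherwise.
check_permissions_quoted() {
    awk -v sq="'" '
        /^[ \t]*(-[ \t]+)?permissions:/ {
            val = $0
            sub(/^[^:]*:[ \t]*/, "", val)   # drop the key
            sub(/[ \t]+#.*$/, "", val)      # drop a trailing comment
            sub(/[ \t]+$/, "", val)         # drop trailing blanks
            if (val !~ /^"[0-7]+"$/ && val !~ ("^" sq "[0-7]+" sq "$")) {
                printf "%d: %s\n", NR, $0
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample input: the two spellings discussed in the thread.
write_samples() {
    cat > "$1/bad.yml" <<'EOF'
#cloud-config
write_files:
  - path: /etc/ssh/sshd_config
    permissions: 0600
    owner: root:root
    content: |
      Port 2222
EOF
    sed 's/permissions: 0600/permissions: "0600"/' "$1/bad.yml" > "$1/good.yml"
}

demo() {
    tmp=$(mktemp -d) || return 1
    write_samples "$tmp"
    for f in bad.yml good.yml; do
        if check_permissions_quoted "$tmp/$f"; then
            echo "$f: ok"
        else
            echo "$f: unquoted permissions (listed above)"
        fi
    done
    rm -rf "$tmp"
}
demo
```

Run it against a cloud-config.yml before booting a host with it; a non-zero exit status means at least one permissions value still needs quotes.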