RancherOS on RaspberryPi: switching consoles loses ssh keys?

#1

I’m attempting to automate my setup of my raspberry pi cluster by using ansible. The playbook I have so far is:

- hosts: pis
  become: yes
  gather_facts: no
  pre_tasks:
      - name: 'install ssh key ros config'
        raw: "sudo ros config set ssh_authorized_keys \"['[my-public-key]']\""
      - name: 'install ssh key copy'
        raw: "sudo mkdir -p /home/rancher/.ssh && rm -f /home/rancher/.ssh/authorized_keys && echo \"ssh-rsa [my-public-key]\" >> /home/rancher/.ssh/authorized_keys && chmod -R 0600 /home/rancher/.ssh && chmod u+x /home/rancher/.ssh && chown -R rancher:rancher /home/rancher/.ssh"
# unsure if this works or just bricks them.  Seems to lose the ability to remote into them?
#     - name: 'set new console'
#       raw: 'sudo ros console switch -f ubuntu'

As you might guess, the commented area is what’s giving me problems: if I enable a switch to ubuntu, the pis become unusable - if I try to remote into them with the same ssh command I would’ve if I didn’t issue the ros console switch, I can’t log in. In fact it looks like the ssh daemon isn’t running at all:

# ssh -vvv -i ~/.ssh/id_rsa rancher@10.0.0.20
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "10.0.0.20" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 10.0.0.20 [10.0.0.20] port 22.
debug1: connect to address 10.0.0.20 port 22: Connection refused
ssh: connect to host 10.0.0.20 port 22: Connection refused

Again, to be clear - if I don’t do the switch console everything is fine.

Is there something I’m missing that I should do to allow switching consoles?

#2

@eddieparker Could you please give more informations such as how you configure your ROS RPI network etc…?
Try only set the ssh_authorized_keys in cloud-config. No need to operate user home directory.

#3

Honestly I just flash the SD card from the stock image and boot it. The ansible I run above is the only config changes I made.

You mention using cloud config, but I thought the docs said you can’t use cloud config with raspberry pi? Or do you mean to just use ros?

#4

Use ros command or manual modify cloud-config.yml.

sudo ros config set ssh_authorized_keys ['ssh-rsa XXXX']