According to the official instructions for installing RancherOS on the RPi, it does not use cloud-config. I cannot find any info on setting the SSH authorized_keys without using a cloud-config file. Anyone know how to do this? I’d like to not be stuck using the default password.
A cloud-config file can’t be used on first boot since there’s no method to inject one like there is in other platforms. You can still add an SSH key with ros config set
or ros config merge
(https://docs.rancher.com/os/configuration/).
I tried that, but it seems I was not using the appropriate key. Not sure where I can get a list of all possible settings that ros config
will recognize.
However, it seems I may have been overthinking it, since manually creating the ~/.ssh/authorized_keys
file seems to have done the trick.
so @joshwget could you give a bit of direction on what the merge command would look like?
I tried all manner of:
sudo ros config merge rancher.ssh.keys.rsa(rsa-pub etc.) “ssh-rsa AAA…”
waited 30 mins in one instance until I quit the process as it seemed it was looking for further input from me.
I ended up doing as @dankeller did and also set the rancher login pass to return key to disable the plain rancher ssh login
my gist for rPi-Rancher ssh keys
Thanks for any guidance
d
I’ve been able to set a ssh key with this command:
sudo ros config set ssh_authorized_keys ['ssh-rsa XXXX']
and then rebooting.
However I’ve not figure out how to disable the default rancher
password on the rancher
user. I can still login with that over ssh .
$ mkdir -p /boot
$ mount /dev/mmcblk0p1 /boot
$ vi /boot/cmdline.txt
#uncomment rancher.password=rancher
$ vi /etc/shadow
#change /etc/shadow rancher user to '!' e.g. rancher:!:17938:0:99999:7:::
$ reboot