Bureaucrats, cc_docs_admin, cc_staff
2,879
edits
(copyedit first para only) |
(copyediting) |
||
Line 125: | Line 125: | ||
<!--T:29--> | <!--T:29--> | ||
There are a number of ways to allow more than one person to log in to a VM. | There are a number of ways to allow more than one person to log in to a VM. We recommend creating new user accounts and adding public [[Ssh keys|SSH keys]] to these accounts. To do so manually, first create a new user account (under Ubuntu, for example) with the command {{Command|sudo adduser USERNAME}} | ||
Then add the | Then add the person's public key to the <code>/home/$USER/.ssh/authorized_keys</code> file as described in [[Ssh keys|SSH keys]] and linked pages. | ||
<!--T:30--> | <!--T:30--> | ||
Alternatively, you can do this during the creation of a VM using [http://cloudinit.readthedocs.org/en/latest/index.html# CloudInit]. The following CloudInit script adds two users <code>gretzky</code> and <code>lemieux</code> with and without sudo permissions respectively. | |||
<!--T:31--> | <!--T:31--> | ||
#cloud-config | #cloud-config | ||
users: | users: | ||
- name: | - name: gretzky | ||
shell: /bin/bash | shell: /bin/bash | ||
sudo: ALL=(ALL) NOPASSWD:ALL | sudo: ALL=(ALL) NOPASSWD:ALL | ||
ssh_authorized_keys: | ssh_authorized_keys: | ||
- < | - <Gretzky's public key goes here> | ||
- name: | - name: lemieux | ||
shell: /bin/bash | shell: /bin/bash | ||
ssh_authorized_keys: | ssh_authorized_keys: | ||
- < | - <Lemieux's public key goes here> | ||
<!--T:32--> | <!--T:32--> | ||
For more about the YAML format used by CloudInit, see [http://www.yaml.org/spec/1.2/spec.html#Preview YAML Preview]. Note that YAML is very picky about white space formatting, so that there must be a space after the "-" before your public key string. Also, this configuration overwrites the default user that is added when no CloudInit script is specified, so the users listed in this configuration script will be the ''only'' users on the newly created VM. It is therefore vital to have at least one user with sudo permission. More users can be added by simply including more <code>- name: username</code> sections. | |||
<!--T:33--> | <!--T:33--> | ||
If you wish to preserve the default user created by the distribution (debian, centos, ubuntu, etc.), use the following form: | If you wish to preserve the default user created by the distribution (users <code>debian, centos, ubuntu,</code> ''etc.''), use the following form: | ||
<!--T:34--> | <!--T:34--> | ||
#cloud-config | #cloud-config | ||
users: | users: | ||
- default | - default | ||
- name: | - name: gretzky | ||
shell: /bin/bash | shell: /bin/bash | ||
sudo: ALL=(ALL) NOPASSWD:ALL | sudo: ALL=(ALL) NOPASSWD:ALL | ||
ssh_authorized_keys: | ssh_authorized_keys: | ||
- < | - <Gretzky's public key goes here> | ||
- name: | - name: lemieux | ||
shell: /bin/bash | shell: /bin/bash | ||
ssh_authorized_keys: | ssh_authorized_keys: | ||
- < | - <Lemieux's public key goes here> | ||
<!--T:35--> | <!--T:35--> | ||
After the VM has finished spawning, | After the VM has finished spawning, look at the log to ensure that the public keys have been added correctly for those users. The log can be found by clicking on the name of the instance on the "Compute->Instances" panel and then selecting the "log" tab. The log should show something like this: | ||
<!--T:36--> | |||
ci-info: ++++++++Authorized keys from /home/ | ci-info: ++++++++Authorized keys from /home/gretzky/.ssh/authorized_keys for user gretzky++++++++ | ||
ci-info: +---------+-------------------------------------------------+---------+------------------+ | ci-info: +---------+-------------------------------------------------+---------+------------------+ | ||
ci-info: | Keytype | Fingerprint (md5) | Options | Comment | | ci-info: | Keytype | Fingerprint (md5) | Options | Comment | | ||
Line 174: | Line 174: | ||
ci-info: | ssh-rsa | ad:a6:35:fc:2a:17:c9:02:cd:59:38:c9:18:dd:15:19 | - | rsa-key-20160229 | | ci-info: | ssh-rsa | ad:a6:35:fc:2a:17:c9:02:cd:59:38:c9:18:dd:15:19 | - | rsa-key-20160229 | | ||
ci-info: +---------+-------------------------------------------------+---------+------------------+ | ci-info: +---------+-------------------------------------------------+---------+------------------+ | ||
ci-info: ++++++++++++Authorized keys from /home/ | ci-info: ++++++++++++Authorized keys from /home/lemieux/.ssh/authorized_keys for user lemieux++++++++++++ | ||
ci-info: +---------+-------------------------------------------------+---------+------------------+ | ci-info: +---------+-------------------------------------------------+---------+------------------+ | ||
ci-info: | Keytype | Fingerprint (md5) | Options | Comment | | ci-info: | Keytype | Fingerprint (md5) | Options | Comment | | ||
Line 182: | Line 182: | ||
<!--T:37--> | <!--T:37--> | ||
Once this is done, users can log into the VM with their private keys as usual (see [[ | Once this is done, users can log into the VM with their private keys as usual (see [[Ssh keys]]). | ||
=Downloading an image= <!--T:38--> | =Downloading an image= <!--T:38--> |