Configuring an SSH User for Packer

[Thomas Keschl]

What are the configuration requirements for creating a user in a base AMI that subsequent Packer builds can use to provision the box?

I've tried a number of things but the second "leaf" builds always fail at trying to connect via SSH. After debugging the issue, I found that the user that I'm trying to SSH with doesn't have the temporary public key in the authorized_keys file, while the 'ubuntu' user does. Once I manually copy that information over to my new 'packer' user, it can connect.

Any thoughts on what my 'packer' user needs to be able to do in order for this functionality to work? I'm unable to use the default 'ubuntu' user because our security team has applied some restrictions on that account that cause it to have an expiring password, so I'm trying to set up this custom account that can be removed at the end of a leaf image build but used indefinitely to build on top of a base image.

Any help would be greatly appreciated, thank you!

[Rickard von Essen]

The public ssh key is added by the cloud-init tool when the instance boots the first time to the "default user" the default user is "ubuntu" for Ubuntu dists. The second build should work if you use ssh_user ubuntu. If you want to switch this behaviour you can change the default user in the first build by editing "/etc/cloud/cloud.cfg" search for default_user. After that the next build should put the public key into your new custom default user.

// Rickard

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/f6f81d92-5fe3-40f3-bffa-8823842d0fb7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Thomas Keschl]

Sorry for the late reply, but this was exactly the secret sauce I was missing. Thank you!

On Wednesday, May 16, 2018 at 9:14:07 AM UTC-4, Rickard von Essen wrote:

The public ssh key is added by the cloud-init tool when the instance boots the first time to the "default user" the default user is "ubuntu" for Ubuntu dists. The second build should work if you use ssh_user ubuntu. If you want to switch this behaviour you can change the default user in the first build by editing "/etc/cloud/cloud.cfg" search for default_user. After that the next build should put the public key into your new custom default user.

// Rickard

On 16 May 2018 at 12:42, Thomas Keschl <thomas...@gmail.com> wrote:

What are the configuration requirements for creating a user in a base AMI that subsequent Packer builds can use to provision the box?

I've tried a number of things but the second "leaf" builds always fail at trying to connect via SSH. After debugging the issue, I found that the user that I'm trying to SSH with doesn't have the temporary public key in the authorized_keys file, while the 'ubuntu' user does. Once I manually copy that information over to my new 'packer' user, it can connect.

Any thoughts on what my 'packer' user needs to be able to do in order for this functionality to work? I'm unable to use the default 'ubuntu' user because our security team has applied some restrictions on that account that cause it to have an expiring password, so I'm trying to set up this custom account that can be removed at the end of a leaf image build but used indefinitely to build on top of a base image.

Any help would be greatly appreciated, thank you!

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.