this may be asked already (in some way or another) but i couldn’t find a definitive answer. So here my question:
how can add a root password for each VM (my guess in the contextualization) differently?
my scenario:
i created user 1 with username and password - he creates VM centos - the user logs into SSH with his password from opennebula
i create user 2 with other username and other password - he creates VM ubuntu - the user logs into ssh with his own password from opennebula
or something like that. i dont want to make a general password for everyone, but each user with his own password can login into SSH with the password that was created by them.
how can add a root password for each VM (my guess in the contextualization) differently?
You are on the right track.
Following the docs for VM contextualization you could set the contextualization variable PASSWORD . There are other options possible too, you could check VM template contextualization.
i know but this doesn’t solve the issue. if user x reboots the server and user y knows the IP address of user x then user y could enter into the VM with the provided password. that’s a huge security breach.
can’t i link the oneuser password into all the VMs that the user creates?
The password hashing for the oneuser in OpenNebula and VM OS user must match. I think that there is no such feature in OpenNebula so feel free to open feature request for such implementation.
Another option I could thing off top of my head is to have LDAP authorisation configured for both OpenNebula and the VM logins.
wouldn"t it be possible to make it mandatory to put the root password as user input?
how does opennebula know that the user input is for the root password? or how can i tell him that?
also: is there an API call for the user input if created?
You can add a user input PASSWORD and make it mandatory in the template, this will ask every user to input desired password and on log on root password will automatically be set
Okay. and if i want crypted_password_base64 then the user puts the password already crypted? or can he input any password that he desires and opennebula transform it into crypted base64?
Hey everyone,
The USERNAME/PASSWORD input by user at instantiation does not work for me.
I have a template that uses a persistant disk; with username/password requested in the contextualisation.
The username/password are mentionned in the template of the VM correctly. (It’s an old ubuntu by the way).However, these user/pass cannot be used to login onto the VM.
Any idea what could be causing this?? Or did I completely miss the point of username/password??