mirrors
/
kubernetes-the-hard-way
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
kubernetes-the-hard-way/docs/enable-root-ssh-login.md

2.1 KiB
Raw Blame History

Enable root Login

Initially the root account will be locked on all machines. You will need to manually unlock the root account on each virtual machine.

You'll need to repeat these steps on each machine.

Login to the machine with the vagrant user:

vagrant ssh@jumpbox

Now set a password for the root account:

sudo passwd root

NOTE: You can choose password vagrant to keep it the same as the vagrant user, and there will be only 1 password to remember.

You'll need to unlock the password of the named account. This option re-enables a password by changing the password back to its previous value. In this case it should be set to the password we just assigned.

sudo passwd -u root

Test that it works by running and entering the password you set:

su

Configuring SSH Access

SSH will be used to configure the machines in the cluster. Verify that you have root SSH access to each machine listed in your machine database. You may need to enable root SSH access on each node by updating the sshd_config file and restarting the SSH server.

Enable root SSH Access

If root SSH access is enabled for each of your machines you can skip this section.

By default, a new install may disable SSH access for the root user. This is done for security reasons as the root user has total administrative control of unix-like systems. If a weak password is used on a machine connected to the internet, well, let's just say it's only a matter of time before your machine belongs to someone else. As mentioned earlier, we are going to enable root access over SSH in order to streamline the steps in this tutorial. Security is a tradeoff, and in this case, we are optimizing for convenience. Log on to each machine via SSH using your user account, then switch to the root user using the su command:

su - root

Edit the /etc/ssh/sshd_config SSH daemon configuration file and set the PermitRootLogin option to yes:

sed -i \
  's/^#*PermitRootLogin.*/PermitRootLogin yes/' \
  /etc/ssh/sshd_config

Restart the sshd SSH server to pick up the updated configuration file:

systemctl restart sshd