bootstrap-vz/bootstrapvz/plugins/admin_user/README.rst

Admin user
----------

This plugin creates a user with passwordless sudo privileges. It also
disables the SSH root login. There are three ways to grant access to
the admin user:
-  Use the EC2 public key (EC2 machines only)
-  Set a password for the user
-  Provide a SSH public key to allow remote SSH login

If the EC2 init scripts are installed, the script for fetching the
SSH authorized keys will be adjusted to match the username
specified in ``username``.

If a password is provided (the ``password`` setting),
this plugin sets the admin password, which also re-enables
SSH password login (off by default in Jessie or newer).

If the optional setting ``pubkey`` is present (it should be a full path
to a SSH public key), you will be able to log in to the admin user account
using the corresponding private key
(this disables the EC2 public key injection mechanism).

The ``password`` and ``pubkey`` settings can be used at the same time.

Settings
~~~~~~~~

-  ``username``: The username of the account to create. ``required``
-  ``password``: An optional password for the account to create. ``optional``
-  ``pubkey``:   The full path to an SSH public key to allow
   remote access into the admin account. ``optional``

Example:

.. code:: yaml

    ---
    plugins:
      admin_user:
        username: admin
        password: s3cr3t
        pubkey: /home/bootstrap-vz/.ssh/id_rsa
Combine documentation from github wiki with sphinx This is the first step in the effort of combining all documentation about bootstrap-vz into sphinx while still being able to access it from github (github can parse rst as well) 2015-04-11 16:15:49 +02:00			`Admin user`
			`----------`

			`This plugin creates a user with passwordless sudo privileges. It also`
[admin_user]: Added support for password and static pubkey auth This commit adds authentication optionally with passwords or static ssh pubkeys for the admin user. There are now three ways to grant access to the admin user: - Set a password for the user, or - Provide a ssh public key to allow remote ssh login, or - Use the EC2 public key (EC2 machines only) If a password is provided, this plugin sets the admin password. This also re-enables password login (off by default in Jessie). If the optional argument pubkey is present (it should be a full path to a ssh public key), it will ensure that the ssh public key is used to set up password less remote login for the admin user. Only one of these options (password, or pubkey) may be specified. If neither the password not a ssh public key location are specified, and if the EC2 init scripts are installed, the script for fetching the SSH authorized keys will be adjust to match the username specified. Fixes: https://github.com/andsens/bootstrap-vz/issues/248 Signed-off-by: Manoj Srivastava <srivasta@google.com> 2015-09-28 11:49:50 -07:00			`disables the SSH root login. There are three ways to grant access to`
			`the admin user:`
			`- Use the EC2 public key (EC2 machines only)`
admin_user: Allow pubkey & password to be used together Also change README a little, add some comments and get the code a little more in line with the style of bootstrap-vz 2016-02-10 21:56:52 +01:00			`- Set a password for the user`
			`- Provide a SSH public key to allow remote SSH login`
[admin_user]: Added support for password and static pubkey auth This commit adds authentication optionally with passwords or static ssh pubkeys for the admin user. There are now three ways to grant access to the admin user: - Set a password for the user, or - Provide a ssh public key to allow remote ssh login, or - Use the EC2 public key (EC2 machines only) If a password is provided, this plugin sets the admin password. This also re-enables password login (off by default in Jessie). If the optional argument pubkey is present (it should be a full path to a ssh public key), it will ensure that the ssh public key is used to set up password less remote login for the admin user. Only one of these options (password, or pubkey) may be specified. If neither the password not a ssh public key location are specified, and if the EC2 init scripts are installed, the script for fetching the SSH authorized keys will be adjust to match the username specified. Fixes: https://github.com/andsens/bootstrap-vz/issues/248 Signed-off-by: Manoj Srivastava <srivasta@google.com> 2015-09-28 11:49:50 -07:00
admin_user: Allow pubkey & password to be used together Also change README a little, add some comments and get the code a little more in line with the style of bootstrap-vz 2016-02-10 21:56:52 +01:00			`If the EC2 init scripts are installed, the script for fetching the`
			`SSH authorized keys will be adjusted to match the username`
			specified in ``username``.
[admin_user]: Added support for password and static pubkey auth This commit adds authentication optionally with passwords or static ssh pubkeys for the admin user. There are now three ways to grant access to the admin user: - Set a password for the user, or - Provide a ssh public key to allow remote ssh login, or - Use the EC2 public key (EC2 machines only) If a password is provided, this plugin sets the admin password. This also re-enables password login (off by default in Jessie). If the optional argument pubkey is present (it should be a full path to a ssh public key), it will ensure that the ssh public key is used to set up password less remote login for the admin user. Only one of these options (password, or pubkey) may be specified. If neither the password not a ssh public key location are specified, and if the EC2 init scripts are installed, the script for fetching the SSH authorized keys will be adjust to match the username specified. Fixes: https://github.com/andsens/bootstrap-vz/issues/248 Signed-off-by: Manoj Srivastava <srivasta@google.com> 2015-09-28 11:49:50 -07:00
admin_user: Allow pubkey & password to be used together Also change README a little, add some comments and get the code a little more in line with the style of bootstrap-vz 2016-02-10 21:56:52 +01:00			If a password is provided (the ``password`` setting),
			`this plugin sets the admin password, which also re-enables`
			`SSH password login (off by default in Jessie or newer).`
[admin_user]: Added support for password and static pubkey auth This commit adds authentication optionally with passwords or static ssh pubkeys for the admin user. There are now three ways to grant access to the admin user: - Set a password for the user, or - Provide a ssh public key to allow remote ssh login, or - Use the EC2 public key (EC2 machines only) If a password is provided, this plugin sets the admin password. This also re-enables password login (off by default in Jessie). If the optional argument pubkey is present (it should be a full path to a ssh public key), it will ensure that the ssh public key is used to set up password less remote login for the admin user. Only one of these options (password, or pubkey) may be specified. If neither the password not a ssh public key location are specified, and if the EC2 init scripts are installed, the script for fetching the SSH authorized keys will be adjust to match the username specified. Fixes: https://github.com/andsens/bootstrap-vz/issues/248 Signed-off-by: Manoj Srivastava <srivasta@google.com> 2015-09-28 11:49:50 -07:00
admin_user: Allow pubkey & password to be used together Also change README a little, add some comments and get the code a little more in line with the style of bootstrap-vz 2016-02-10 21:56:52 +01:00			If the optional setting ``pubkey`` is present (it should be a full path
			`to a SSH public key), you will be able to log in to the admin user account`
			`using the corresponding private key`
			`(this disables the EC2 public key injection mechanism).`
[admin_user]: Added support for password and static pubkey auth This commit adds authentication optionally with passwords or static ssh pubkeys for the admin user. There are now three ways to grant access to the admin user: - Set a password for the user, or - Provide a ssh public key to allow remote ssh login, or - Use the EC2 public key (EC2 machines only) If a password is provided, this plugin sets the admin password. This also re-enables password login (off by default in Jessie). If the optional argument pubkey is present (it should be a full path to a ssh public key), it will ensure that the ssh public key is used to set up password less remote login for the admin user. Only one of these options (password, or pubkey) may be specified. If neither the password not a ssh public key location are specified, and if the EC2 init scripts are installed, the script for fetching the SSH authorized keys will be adjust to match the username specified. Fixes: https://github.com/andsens/bootstrap-vz/issues/248 Signed-off-by: Manoj Srivastava <srivasta@google.com> 2015-09-28 11:49:50 -07:00
admin_user: Allow pubkey & password to be used together Also change README a little, add some comments and get the code a little more in line with the style of bootstrap-vz 2016-02-10 21:56:52 +01:00			The ``password`` and ``pubkey`` settings can be used at the same time.
Combine documentation from github wiki with sphinx This is the first step in the effort of combining all documentation about bootstrap-vz into sphinx while still being able to access it from github (github can parse rst as well) 2015-04-11 16:15:49 +02:00
			`Settings`
			`~~~~~~~~`

Docs: fix wrongfully escaped terms 2015-04-28 01:21:07 -03:00			- ``username``: The username of the account to create. ``required``
[admin_user]: Added support for password and static pubkey auth This commit adds authentication optionally with passwords or static ssh pubkeys for the admin user. There are now three ways to grant access to the admin user: - Set a password for the user, or - Provide a ssh public key to allow remote ssh login, or - Use the EC2 public key (EC2 machines only) If a password is provided, this plugin sets the admin password. This also re-enables password login (off by default in Jessie). If the optional argument pubkey is present (it should be a full path to a ssh public key), it will ensure that the ssh public key is used to set up password less remote login for the admin user. Only one of these options (password, or pubkey) may be specified. If neither the password not a ssh public key location are specified, and if the EC2 init scripts are installed, the script for fetching the SSH authorized keys will be adjust to match the username specified. Fixes: https://github.com/andsens/bootstrap-vz/issues/248 Signed-off-by: Manoj Srivastava <srivasta@google.com> 2015-09-28 11:49:50 -07:00			- ``password``: An optional password for the account to create. ``optional``
admin_user: Allow pubkey & password to be used together Also change README a little, add some comments and get the code a little more in line with the style of bootstrap-vz 2016-02-10 21:56:52 +01:00			- ``pubkey``: The full path to an SSH public key to allow
[admin_user]: Added support for password and static pubkey auth This commit adds authentication optionally with passwords or static ssh pubkeys for the admin user. There are now three ways to grant access to the admin user: - Set a password for the user, or - Provide a ssh public key to allow remote ssh login, or - Use the EC2 public key (EC2 machines only) If a password is provided, this plugin sets the admin password. This also re-enables password login (off by default in Jessie). If the optional argument pubkey is present (it should be a full path to a ssh public key), it will ensure that the ssh public key is used to set up password less remote login for the admin user. Only one of these options (password, or pubkey) may be specified. If neither the password not a ssh public key location are specified, and if the EC2 init scripts are installed, the script for fetching the SSH authorized keys will be adjust to match the username specified. Fixes: https://github.com/andsens/bootstrap-vz/issues/248 Signed-off-by: Manoj Srivastava <srivasta@google.com> 2015-09-28 11:49:50 -07:00			remote access into the admin account. ``optional``
admin_user: Allow pubkey & password to be used together Also change README a little, add some comments and get the code a little more in line with the style of bootstrap-vz 2016-02-10 21:56:52 +01:00
			`Example:`

			`.. code:: yaml`

			`---`
			`plugins:`
			`admin_user:`
			`username: admin`
			`password: s3cr3t`
			`pubkey: /home/bootstrap-vz/.ssh/id_rsa`