commit 65c21d77408f752dff6e3b098f3cb1f42b1bf657
parent a190d53390ccd6a203dbae619fe06b07fe7d2826
Author: Andreas Gruhler <agruhl@gmx.ch>
Date: Mon, 28 Jul 2025 19:55:23 +0200
fix(intel): PermitRootLogin to run bootstrap scripts
Diffstat:
2 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/config/preseed.cfg b/config/preseed.cfg
@@ -62,19 +62,19 @@ d-i partman-auto-lvm/guided_size string max
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true
-# Disable root account
+# Create root account for bootstrap scripts
d-i passwd/root-login boolean true
+# disable root password login
d-i passwd/root-password-crypted password !disabled
-d-i passwd/make-user boolean true
### Account setup
+d-i passwd/make-user boolean true
d-i passwd/username string in0rdr
d-i passwd/user-fullname string in0rdr
d-i passwd/user-uid string 1000
d-i passwd/user-default-groups string sudo
+# disable user password login
d-i passwd/user-password-crypted password !disabled
-#d-i passwd/user-password password pi
-#d-i passwd/user-password-again password pi
# The installer will warn about weak passwords. If you are sure you know
# what you're doing and want to override it, uncomment this.
@@ -86,9 +86,14 @@ tasksel tasksel/first multiselect standard, ssh-server
d-i pkgsel/include string openssh-server build-essential sudo
d-i pkgsel/upgrade select full-upgrade
-# allow ssh root login
-#d-i preseed/late_command string \
-# in-target sed -i 's/^.*PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
+# Allow ssh root login
+d-i preseed/late_command string \
+ in-target sed -i 's/^.*PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
+
+# Configure sudoers and ssh pubkeys
d-i preseed/late_command string \
+ echo 'in0rdr ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/90-preseed ; \
in-target sh -c 'mkdir -p /home/in0rdr/.ssh'; \
- in-target sh -c 'echo $pubkey > /home/in0rdr/.ssh/authorized_keys';
+ in-target sh -c 'echo $pubkey > /home/in0rdr/.ssh/authorized_keys'; \
+ in-target sh -c 'mkdir -p /root/.ssh'; \
+ in-target sh -c 'echo $pubkey > /root/.ssh/authorized_keys';
+\ No newline at end of file
diff --git a/hashi-pi.pkr.hcl b/hashi-pi.pkr.hcl
@@ -204,7 +204,7 @@ source "qemu" "hashiintel" {
output_directory = "${var.hostname}"
shutdown_command = "echo 'debian' | sudo -S shutdown -P now"
ssh_timeout = "15m"
- ssh_username = "in0rdr"
+ ssh_username = "root"
ssh_private_key_file = "/home/andi/.ssh/id_ed25519"
vm_name = "${var.hostname}.qcow2"
}
