Hello! I followed the guide to create a cloud-init script to get my initial configuration running…
#cloud-config
users:
- name: adminuser (admins own user, no root or standard admin account, removed for security)
ssh-authorized-keys:
- ssh-rsa *ssh-public-key* admin-user-laptop (removed for security, no reason to have details openly hanging around if not needed.
- ssh-rsa *ssh-public-key* admin-user-desktop (removed for security, no reason to have details openly hanging around if not needed.
sudo: ['ALL=(ALL) NOPASSWD:ALL']
groups: sudo
shell: /bin/bash
write_files:
- path: /etc/ssh/sshd_config
content: |
Port 22*** (removed last numbers for security reasons)
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 1024
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
AllowUsers adminuser (admins own user, no root or standard admin account, removed for security)
I took the liberty to remove some of the details in the script, as I see no reason to keep details that in itself is not harmful to others to know, but does not hurt removing either.
I’ve run the cloud-init on ubuntu 16.04 in the past, and it worked like a charm but was only for testing the code and be impressed by it. Now in the recent days, I’m unable to do a successful deploy with the same code, nothing changed. I’ve tried on both Ubuntu 16.04 and 18.04. No dice.
It allows me to connect to normal port 22, with the root account and password supplied in an email, which then tells me that this cloud-init was not running at all. If it did, login in through root on SSH with the password supplied would be rejected instead of allowed.
I’m only getting connection refused on port 22** with the private counterpart of the public ssh keys.
Has something changed with CloudInit, or am I doing something wrong?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
I think I found the answer, if you select stuff like extra storage blocks, the configuration Digital Ocean performs on the droplet ignores the cloudinit. Possible bug?
Why do I think this? I ran a new droplet creation without block storage / volume creation, and the cloud init worked heavenly!
Hello friend!
I was not able to replicate this by adding a storage volume. It may be worth opening a support ticket and letting our support team know all of the variables in play for this so that we can run through a similar scenario :)
Kind Regards, Jarland
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.