feat: How to connect with different user after reboot?

nix-community / nixos-anywhere

install nixos everywhere via ssh [maintainer=@numtide]

https://nix-community.github.io/nixos-anywhere/

MIT License

1.66k stars 116 forks source link

feat: How to connect with different user after reboot? #409

Closed gabyx closed 1 month ago

gabyx commented 1 month ago

I have VM that has a user ubuntu.

I can run nixos-anywhere --flake ... 11.11.11.11 (which actually works on engine.switch.ch which is really great). The ~/.ssh/config is:

Host 11.11.11.11
    IdentityFile ~/.ssh/vm
    IdentitiesOnly yes
    User ubuntu

However once it reboots -> I can no longer connect because the user changed to root =). It works if I in the meantime change the User ubuntu to User root.

Is there a way to somehow trick nixos-anywhere to use root after install or some other ssh options?

gabyx commented 1 month ago

Or even maybe nixos-anywhere could provide an option: --post-kexec-ssh-user or even --post-kexec-ssh-hostname where the later gives the opportunity to use --post-kexec-ssh-hostname afterinstall with an ~/.ssh/config as;

Host 11.11.11.11
    IdentityFile ~/.ssh/vm
    IdentitiesOnly yes
    User ubuntu

Host afterinstall
    IdentityFile ~/.ssh/vm
    IdentitiesOnly yes
    User root

Would a PR be welcome on this? What would you reckon is a good solution?

sedlund commented 1 month ago

It should kexec onto the new kernel (this is not a reboot) and nixos-anywhere will reconnect to the machine using generated ssh keys from prior to kexec and install nixos. is this not happening?

your nixosConfiguration flake should have configured the user and ssh key (if that is your method to connect) to use after reboot.

by after reboot am I correct to think that NixOS is installed at this point? If that is the case nixos-anywheres job is complete.

gabyx commented 1 month ago

your nixosConfiguration flake should have configured the user and ssh key (if that is your method to connect) to use after reboot. Jeah: My ssh config is the same as https://github.com/nix-community/nixos-anywhere-examples/blob/main/configuration.nix#L26

First I do nixos-anywhere --flake ubuntu@host and then the installation after kexec fails to reconnect, I can leave it trying to reconnect -> and change User to root in the .ssh/config and then it suddenly works and I see all nix store paths getting copied and the install finished successfully =)

sedlund commented 1 month ago

please provide the full logs with --debug enabled along with the command you are running.

it should be trying to reconnect with the user provided to install as and using the generated key that it installed.

you can try to debug why ssh is not allowing login by logging in yourself after kexec and looking at the ssh logs.

the nixos-anywhere key will be inserted into ~ubuntu/.ssh/authorized_keys via ssh-copy-id the private key on the installer machine will be in /tmp/tmp.SOMEWHERE you will see when you run it with --debug.

sedlund commented 1 month ago

you should not be having this

IdentitiesOnly yes

EDIT strike that. it should be ok.

gabyx commented 1 month ago

@sedlund : Ah thanks a lot!

gabyx commented 1 month ago

See #411. Thanks.