retspen / webvirtcloud

WebVirtCloud is virtualization web interface for admins and users

Problem with SSH keys #518

Open cairoapcampos opened 2 years ago

cairoapcampos commented 2 years ago

I'm using this Dockerfile to build my image:

https://github.com/retspen/webvirtcloud/blob/master/Dockerfile

But as the default user of the container is root, I'm having some problems with SSH. The key generated is for the user www-data and not for root, so when I try to connect with the command ssh root@compute1 the password is requested.

Documentation settings:

chown www-data -R ~www-data

sudo -u www-data ssh-keygen

cat > ~www-data/.ssh/config << EOF
Host *
StrictHostKeyChecking no
EOF

chown www-data -R ~www-data/.ssh/config

To try to get around the problem, I generated the keys for root with the commands below:

ssh-keygen

cat > ~root/.ssh/config << EOF
Host *
StrictHostKeyChecking no
EOF

ssh-copy-id root@compute1

ssh root@compute1

This way the password was no longer requested.

Is there a better way to do these settings?

Note: "passphrase" was not defined when generating the keys. The password requested is the KVM host password.

5he1n commented 2 years ago

The correct way to share ssh key with compute is:

chown www-data -R ~www-data/.ssh/  
setuser www-data ssh-keygen -f ~www-data/.ssh/id_rsa -q -N ""  
setuser www-data ssh-copy-id root@compute1

and then check it

setuser www-data ssh-copy-id root@compute1
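
The documentation settings quoted in this issue disable host key checking, and the thread turns on which account owns the key. As an added example (not part of the thread or of the WebVirtCloud project), this shell function audits an SSH directory for both conditions; the function name `audit_ssh_dir` and the sample directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the SSH directory of the account WebVirtCloud connects as.
# audit_ssh_dir DIR OWNER prints one finding per line and returns 1 if there are any.
# Uses `stat -c` (GNU/BusyBox); the function name is hypothetical.
audit_ssh_dir() {
    dir=$1; owner=$2; findings=0
    report() { printf '%s\n' "$1"; findings=$((findings + 1)); }

    [ -d "$dir" ] || { report "MISSING: $dir does not exist"; return 1; }

    # Files left owned by another account (e.g. created as root) may be
    # unreadable by the service user that actually opens the connection.
    for f in "$dir" "$dir"/id_* "$dir/config"; do
        [ -e "$f" ] || continue
        actual=$(stat -c '%U' "$f")
        [ "$actual" = "$owner" ] || report "OWNER: $f belongs to $actual, expected $owner"
    done

    # Private keys must be accessible to their owner only.
    for key in "$dir"/id_*; do
        [ -e "$key" ] || continue
        case $key in *.pub) continue ;; esac
        mode=$(stat -c '%a' "$key")
        case $mode in
            600|400) ;;
            *) report "MODE: $key is $mode, expected 600" ;;
        esac
    done

    # "StrictHostKeyChecking no" adds unknown host keys without verification.
    if [ -f "$dir/config" ] && grep -Eiq \
        '^[[:space:]]*StrictHostKeyChecking[[:space:]=]+(no|off)[[:space:]]*$' "$dir/config"
    then
        report "HOSTKEY: $dir/config disables StrictHostKeyChecking"
    fi
    # Without pinned keys there is nothing to verify the compute node against.
    [ -s "$dir/known_hosts" ] || report "HOSTKEY: $dir/known_hosts is missing or empty"

    [ "$findings" -eq 0 ]
}

# Constructed sample: the configuration quoted in the issue plus an empty key file.
demo=$(mktemp -d)
printf 'Host *\nStrictHostKeyChecking no\n' > "$demo/config"
: > "$demo/id_rsa"; chmod 644 "$demo/id_rsa"
audit_ssh_dir "$demo" www-data || echo "audit failed for $demo"
rm -rf "$demo"
```

Inside the container it would be called as `audit_ssh_dir ~www-data/.ssh www-data`.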

cairoapcampos commented 2 years ago

I tested it and it worked correctly. Thank you.

When evaluating compute node security, is it better to use a user other than root? Do you use another user?

catborise commented 2 years ago

Yes, you can/should manage with a user other than root. To do this, you must configure the host's libvirt.conf. There are many resources on how you can do that:

  1. https://computingforgeeks.com/use-virt-manager-as-non-root-user/ (virt-manager is like webvirtcloud but only works in a desktop environment)
  2. https://www.poftut.com/use-virt-manager-libvirt-normal-user-without-root-privileges-without-asking-password/

cairoapcampos commented 2 years ago

Thank you again for your help.