0

I'm using Packer to generate a new VMware vCenter template for Ubuntu Server 22.04. The packer build goes pretty well until near the end, where it seems to run into issues with the ssh password. The one set through user-data just doesn't work when I try to log in, although packer is able to execute scripts using the password without any issues. I started with basically the exact same user-data file that I've been using successfully with Focal. I've regenerated the password several times with no luck, and this crypted password works fine for focal.

Does anyone see any issues with my user-data? Is there some gotcha with 22.04 that I'm missing? I've tried with and without the "users" block, but it doesn't seem to make a difference.

Thanks!

#cloud-config
autoinstall:
    version: 1
    early-commands:
        # workaround to stop ssh for packer as it thinks it timed out
        - sudo systemctl stop ssh
    users:
    - default
    - name: ansible
      passwd: '$6$rounds=4096$UHMNxOtuu$.4zAwGuhVEC8w06EnkMbWPMUJx/4VMDOyk.J9a9SksieOJcZflaU61w7El.V5QBTdsNnqsYncNPcJ6cxOKwgI1'
      shell: /bin/bash
      lock-passwd: false
      ssh_pwauth: True
      chpasswd: { expire: False }
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users, admin
      locale: en_US
      keyboard:
          layout: en
          variant: us
    packages: [open-vm-tools]
    network:
        network:
            version: 2
            ethernets:
                ens192:
                    dhcp4: true
    identity:
        hostname: ubuntu-server
        username: ubuntu
        password: '$6$rounds=4096$UHMNxOtuu$.4zAwGuhVEC8w06EnkMbWPMUJx/4VMDOyk.J9a9SksieOJcZflaU61w7El.V5QBTdsNnqsYncNPcJ6cxOKwgI1'
    ssh:
        install-server: yes
        allow-pw: yes

storage:
    layout:
        name: lvm
user-data:
    disable_root: false
late-commands:
    - echo 'ubuntu ALL=(ALL) NOPASSWD:ALL' > /target/etc/sudoers.d/ubuntu
    - curtin in-target --target=/target -- chmod 440 /etc/sudoers.d/ubuntu

EDIT: I was able to boot into the template and it looks like the "ansible" user never gets created. I can see the ubuntu user getting created in /var/log/cloud-init.log but the ansible user never shows up in that log.

spikeypanda48
  • 1

1 Answers1

1

Your users section needs to be under the user-data section.

Also, if you specify an identity section then the users section gets ignored completely. This is not documented and is either a bug or poor documentation.

This is sample configuration that will create both the ubuntu user and the ansible user and assign them both the same password. The ubuntu user is created because of the default list item, and then chpasswd is used to update its password. This is only a snippet of a full user-data file. The rest of the file must not contain an identity section.

#cloud-config
autoinstall:
  user-data:
    users:
    - default
    - name: ansible
      passwd: $6$rounds=4096$UHMNxOtuu$.4zAwGuhVEC8w06EnkMbWPMUJx/4VMDOyk.J9a9SksieOJcZflaU61w7El.V5QBTdsNnqsYncNPcJ6cxOKwgI1
      shell: /bin/bash
      lock-passwd: false
      sudo: ALL=(ALL) NOPASSWD:ALL
      groups: users, admin
    chpasswd:
      expire: false
      list:
        - ubuntu:$6$rounds=4096$UHMNxOtuu$.4zAwGuhVEC8w06EnkMbWPMUJx/4VMDOyk.J9a9SksieOJcZflaU61w7El.V5QBTdsNnqsYncNPcJ6cxOKwgI1

see also

notes

I tested this snippet successfully on Ubuntu 22.04 (subiquity 22.04.2)

Andrew Lowther
  • 6,451
  • Thank you! This got the password working for me, I'm running into another issue with networking (it only gets a v6 address) but that's another story – spikeypanda48 May 19 '22 at 15:39