[Chester LUG] Digitalocean users.. a question
Michael Crilly
michael at mcrilly.me
Thu Jul 30 12:18:16 UTC 2015
The initial root login is designed to give you an easy way in so you can
configure the system, locking down root login and removing that key from
the system (after adding additional users and allowing them to sudo to
root.)
Think of that initial SSH key as a deployment key - login once with it,
then use Ansible to setup your system with new users and various other
state.
Cheers,
Mike.
On 30 Jul 2015 9:50 pm, "Stuart Burns" <stuart.james.burns at gmail.com> wrote:
> Hi Everyone,
>
> I am just in the process of moving over some sites to DO and I thought I
> would start using the stored SSH key system you can use when deploying your
> droplets. It works fine, no issues. Just I dont really feel comfortable
> logging in as root directly. Years of non root logins make me feel itchy
> about this.
>
> What does everyone else think? (I know you can alter and someone trying to
> crack a proper PKI implementation may have a long wait!) I was more
> concerned with it being out the box functionality.
>
> Regards
>
> Stuart
>
> _______________________________________________
> Chester mailing list
> Chester at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/chester
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/chester/attachments/20150730/885c779e/attachment.html>
More information about the Chester
mailing list