How do I set a password on an Ubuntu cloud image?

linux ubuntu virtualization vmware-vsphere virtualbox

37,609

Solution 1

Questions

It would be useful if you could add background information to the question, like:

Why do you need to set a root password. Maybe there is an alternative way. What are you trying to accomplish?
According to (1), the recommended way might be one among several options: root user with password, a new user with ssh key and sudo, others.)
What's your host operating system?
VirtualBox version?
VMWare vsphere version?

General plan

Set the correct settings for Virtualbox
Create the user-data and meta-data files
Generate the ISO image for cloud-init
Boot the VM with the attached ISO image as a removable device

Virtualbox

You can import the OVA as an appliance, use an IMG or VMDK disk. You can do this in the GUI or the command line.
You should enable the serial port in the hardware settings for the VM. Optionally, point it to a raw file in your home, so you can see the log in case of problems.
You need the iso/img generated below for cloud-init and mount it in the dvd or cd device for the VM you imported. If the VM doesn't include a dvd/cd device, you have to add one. Add it as IDE and master, then load the ISO generated below.

Cloud-Init

If you are using the Ubuntu Cloud Images, you should use Cloud-Init for setting the initial configuration, it allows you to set up:

Default locale
Hostname
Generating and setting up SSH private keys

... among other features.

Cloud-init's behavior can be configured via the user-data flag for inline commands or calling a YAML type config file with the settings to apply.

This is might be done via the --user-data or --user-data-file argument when you are running inline, or you can do it with the ISO. I'm going to show the steps for the ISO mount mode.

I will not setup a password for root or the user, I'm creating instead a new user with SSH access via ssh public keys and allowing the user sudo permissions instead.

Here is a sample user-data cloud-config file, create it with your text editor, and respect the name or the seed file won't be a valid seed and won't work.

#cloud-config
users:
  - default
  - name: eddypronk
    ssh-authorized-keys:
      - <your user public key here>
    sudo: ALL=(ALL) NOPASSWD:ALL
    groups: sudo
    shell: /bin/bash

You can also have a meta-data for the hostname and other definitions:

instance-id: set-an-unique-instance-name-id
local-hostname: set-the-hostname

After creating the files generate an iso file to load as a cdrom or dvd from the virtual manager:

genisoimage -output nocloud.iso -volid cidata -joliet -rock user-data meta-data

You need genisoimage for this or the cloud-utils tool cloud-localds for this other option:

cloud-localds my-seed.img my-user-data my-meta-data

Remember that if you leave the seed / nocloud iso mounted, it will ovewrite the settings in the VM with those in the data files. And if you change anything in user-data or meta-data you need to rebuild the iso or img.

Boot

You can now boot the VM. By default, you can not ssh to the machine using the username and password or connect through the VNC console (the "graphical" VM window in Virtualbox). You have to use public / private key authentication method with ssh. This means enabling a user with a public ssh key in the user-data YAML file. Also, sudo privileges elevation for the ubuntu account is passwordless, but the account is locked by default.

Solution 2

18.04 setup step-by-step

In short you need:

sudo apt-get install cloud-image-utils

cat >user-data <<EOF
#cloud-config
password: asdfqwer
chpasswd: { expire: False }
ssh_pwauth: True
EOF

cloud-localds user-data.img user-data

# user-data.img MUST come after the rootfs. 
qemu-system-x86_64 \
-drive file=ubuntu-18.04-server-cloudimg-amd64.img,format=qcow2 \
-drive file=user-data.img,format=raw
...

and now you can login with:

username: ubuntu
password: asdfqwer

Here I describe a full minimal detailed working QEMU example: https://askubuntu.com/questions/281763/is-there-any-prebuilt-qemu-ubuntu-image32bit-online/1081171#1081171

Solution 3

Here is a link to the possible solution https://techglimpse.com/nova-boot-instance-with-password/

Create a file called userdata.txt with the below contents:

#cloud-config
password: mypasswd
chpasswd: { expire: False }
ssh_pwauth: True

Now, pass userdata.txt file as an input while creating a new instance as shown below:

#openstack server create --flavor m1.small --image Ubuntu-Trusty --key-name  mykey --nic net-id=88536e89-12a9-41eb-8aed-57983ee299e8 --security-group default --user-data=userdata.txt my-ubuntu

The above command will set password mypasswd for the default user ubuntu.

Solution 4

according to their web, the password for the images are ramdomly generated.

The username will be ubuntu, but the images will 'spit out' the random generated password on their first boot.

"Get the password for 'ubuntu' and log in The default selection in the grub menu will result in a randomly generated password for the 'ubuntu' user on first boot. The password is written two places, the console and the serial device. On the console, you will see lines like:"

Read this link, step 4:

https://help.ubuntu.com/community/UEC/Images

Solution 5

The image you have has cloud-init installed. This means you can use NoCloud datasource to load the configuration from a floppy(vfat) or cd(ISO9660) image. In that image you can have a cloud-config file where you can configure the ssh keys

For more details read also: http://blog.klocwork.com/open-source/using-cloud-init-outside-of-the-cloud/

View more solutions

37,609

Emerick Varga

Updated on September 18, 2022

Comments

Emerick Varga over 1 year
I'm trying to start on .ova with VirtualBox and want to import the same image later in vSphere.

Ubuntu cloud images don't have a standard password anymore.

I'd like to edit the .ova to configure a password. (and later SSH keys)

The downloaded .ova does have a password property.

I found a tool called cot (Common OVF tool) to edit the properties.

I tried:
```
cot edit-properties ubuntu-18.04-server-cloudimg-amd64-custom.ova -p password=ubuntu
```
Also also tried:
```
cot edit-properties ubuntu-18.04-server-cloudimg-amd64-custom.ova -p user-data="password: ubuntu"
```
Both attempts without success. (unable to login)

Is there a step to apply this configuration into the images, or do these properties get passed to the image when it starts?

Any ideas?

Updated: (answers to background questions)
1. As a first step I want root access, so I can test the network setup of adapter, bridge, routes, DNS.
2. A new user with ssh key and sudo is 2nd goal.
3. Ubuntu 17.10 (soon 18.04)
4. VirtualBox 5.2.14
5. vSphere 5.5
- Taniel Kirikal almost 3 years
  
  You can use ubuntu recovery mode, to change root password. Described here: https://shruthigurudath.medium.com/reset-password-using-an-u‌buntu-root-shell-705‌6c59a23ea Later, when you have access to the system, you can add other users and disable root login if you want..
Emerick Varga almost 6 years

When you boot the VM you can't add a password because you need to login first.
user5870571 almost 6 years

Perhaps I misunderstood but didn’t you say there isn’t a password?
Emerick Varga almost 6 years

When the property 'password' is set to 'RANDOM' it should do that, but recent images have the value ''. I connected the output of the serial device to a file in VirtualBox and it doesn't 'spit out' the password. I don't see the grub menu and I doubt it has grub installed at all.
Emerick Varga almost 6 years

It doesn't have a standard password but it doesn't start a root shell either.
Law29 almost 6 years

Please note that the main reason for using "ssh-authorized-keys" instead of "password" is that it is much more secure. Since OP says that they will later add SSH keys, there seems to be no reason to do the complicated and less secure way first.
Emerick Varga almost 6 years

@Leo I generated the nocloud.iso and could login to the VirtualBox VM with my ssh key. No need for a password. Thanks for your help!