diff options
author | Christoph Helma <helma@in-silico.ch> | 2017-05-22 10:48:25 +0200 |
---|---|---|
committer | Christoph Helma <helma@in-silico.ch> | 2017-05-22 10:48:25 +0200 |
commit | 9c030c2f28689981377a11d48589191d05ee7a13 (patch) | |
tree | 0a390cf8b926c85fb2696b6a43f6afe3758eea35 | |
parent | e422e708ccb1f2aec0821f7e393bde62a9d5b5a2 (diff) |
coreos instructions updated
-rw-r--r-- | _posts/2017-05-16-coreos-installation-on-a-hetzner-server.md | 38 |
1 files changed, 16 insertions, 22 deletions
diff --git a/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md b/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md index ce3a947..f84a943 100644 --- a/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md +++ b/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md @@ -9,7 +9,7 @@ tags: [] - log into the rescue system - ssh root@{sever-ip} + `ssh root@{sever-ip}` - run `installimage` @@ -19,36 +19,30 @@ tags: [] * reboot into CoreOS - reboot + `reboot` - log into CoreOS (using the same password as for the rescue system) - ssh root@{sever-ip} + `ssh root@{sever-ip}` -- set the hostname (if you have omitted it in install.conf) +CoreOS overwrites user data in /etc during booting (e.g. after a automatic system update). In order to make persistent changes, we have to edit +`/var/lib/coreos-install/user_data`: - hostname {hostname} + - set the hostname + - add your public SSH key for the core user + - disable sftp `#Subsystem sftp internal-sftp` + - disable root login `PermitRootLogin no` + - disable password authentication `PasswordAuthentication no` -- change root password +The docker systemd service is not enabled by default, but we need it to restart docker services after a reboot: - passwd + `systemctl enable docker.service` -- create a password for the `core` user +Reboot to test changes: - passwd core + `reboot` -- login as core user from another console to make sure everything works as expected (and to avoid lockouts) - -- disable root login - - - edit /etc/ssh/sshd_config - - set PermitRootLogin no - - restart sshd - - sudo systemctl daemon-reload - -- exit root - - exit +Make sure you can login as core user: + `ssh core@{sever-ip}` |