From 9c030c2f28689981377a11d48589191d05ee7a13 Mon Sep 17 00:00:00 2001 From: Christoph Helma Date: Mon, 22 May 2017 10:48:25 +0200 Subject: coreos instructions updated --- ...5-16-coreos-installation-on-a-hetzner-server.md | 38 +++++++++------------- 1 file changed, 16 insertions(+), 22 deletions(-) diff --git a/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md b/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md index ce3a947..f84a943 100644 --- a/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md +++ b/_posts/2017-05-16-coreos-installation-on-a-hetzner-server.md @@ -9,7 +9,7 @@ tags: [] - log into the rescue system - ssh root@{sever-ip} + `ssh root@{sever-ip}` - run `installimage` @@ -19,36 +19,30 @@ tags: [] * reboot into CoreOS - reboot + `reboot` - log into CoreOS (using the same password as for the rescue system) - ssh root@{sever-ip} + `ssh root@{sever-ip}` -- set the hostname (if you have omitted it in install.conf) +CoreOS overwrites user data in /etc during booting (e.g. after a automatic system update). In order to make persistent changes, we have to edit +`/var/lib/coreos-install/user_data`: - hostname {hostname} + - set the hostname + - add your public SSH key for the core user + - disable sftp `#Subsystem sftp internal-sftp` + - disable root login `PermitRootLogin no` + - disable password authentication `PasswordAuthentication no` -- change root password +The docker systemd service is not enabled by default, but we need it to restart docker services after a reboot: - passwd + `systemctl enable docker.service` -- create a password for the `core` user +Reboot to test changes: - passwd core + `reboot` -- login as core user from another console to make sure everything works as expected (and to avoid lockouts) - -- disable root login - - - edit /etc/ssh/sshd_config - - set PermitRootLogin no - - restart sshd - - sudo systemctl daemon-reload - -- exit root - - exit +Make sure you can login as core user: + `ssh core@{sever-ip}` -- cgit v1.2.3