hetzner-dedicated/zfs: Password for root user
This commit is contained in:
parent
70acd87eff
commit
2878a591a1
|
@ -20,11 +20,8 @@
|
||||||
# inspired by https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Online
|
# inspired by https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Online
|
||||||
# * This server has 2 SSDs.
|
# * This server has 2 SSDs.
|
||||||
# We put everything on mirror (RAID1 equivalent).
|
# We put everything on mirror (RAID1 equivalent).
|
||||||
# * A root user with empty password is created, so that you can just login
|
# * A root user with a password is created, so that you can just login
|
||||||
# as root and press enter when using the Hetzner spider KVM.
|
# as root when using the Hetzner spider KVM.
|
||||||
# Of course that empty-password login isn't exposed to the Internet.
|
|
||||||
# Change the password afterwards to avoid anyone with physical access
|
|
||||||
# being able to login without any authentication.
|
|
||||||
# * The script reboots at the end.
|
# * The script reboots at the end.
|
||||||
# * exports of env vars are added throughout the script in case you want to run it manually
|
# * exports of env vars are added throughout the script in case you want to run it manually
|
||||||
export LC_ALL=C
|
export LC_ALL=C
|
||||||
|
@ -400,8 +397,7 @@ cat > /mnt/etc/nixos/configuration.nix <<EOF
|
||||||
"2001:4860:4860::8844"
|
"2001:4860:4860::8844"
|
||||||
];
|
];
|
||||||
|
|
||||||
# Initial empty root password for easy login:
|
users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
|
||||||
users.users.root.initialHashedPassword = "";
|
|
||||||
services.openssh.permitRootLogin = "prohibit-password";
|
services.openssh.permitRootLogin = "prohibit-password";
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = ["$SSH_PUB_KEY"];
|
users.users.root.openssh.authorizedKeys.keys = ["$SSH_PUB_KEY"];
|
||||||
|
|
Loading…
Reference in a new issue