[Grml] Problem with grml autoconfig

Lupe Christoph lupe at lupe-christoph.de
Mon Sep 5 16:17:31 CEST 2011


On Monday, 2011-09-05 at 06:50:05 -0700, Bojan Sukalo wrote:
> Thank You.
> That helped a lot.

You're welcome.

> I know we supposed to finish this thread and start another but I need hint a bout ssh server.

> Starting an sshd from script does the job but I have problem because root password is empty so I not access the server.

I would propose that you use a key to access root on this server rather
than a password. While you could overwrite /etc/passwd from grml.sh or
config.tbz, I would not recommend to do that.

Here is what I do:

1) Create /root/.ssh/authorized_keys
2) Save these files and directories to /mnt/GRMLCFG/config.tbz:
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_dsa_key.pub
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ecdsa_key.pub
/etc/ssh/ssh_host_key
/etc/ssh/ssh_host_key.pub
/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_rsa_key.pub
/root/.ssh
3) Log in with the key

> Is there a workaroud. bootoption ssh:mysecret does not seem to start the sshd or to change password for grml user.

That should be ssh=password not ssh:password.

> Even if it does, will I abe able to change from grml to root without knowing the root pass.

May I suggest "sudo su -"? The grml user has full sudoers rights,
without a password. But with the default /etc/shadow, "su -" does not
request a password.

If you want to use /mnt/GRMLCFG/config.tbz, here is what I use to manage
it. I write the file and directory names to /mnt/GRMLCFG/config.list and
run this little script (/mnt/GRMLCFG/save-config) to refresh
/mnt/GRMLCFG/config.tbz:

#!/bin/sh

tar cvfjpP /mnt/GRMLCFG/config.tbz -T /mnt/GRMLCFG/config.list

HTH,
Lupe Christoph
-- 
| It is a well-known fact in any organisation that, if you want a job    |
| done, you should give it to someone who is already very busy.          |
| Terry Pratchett, "Unseen Academicals"                                  |


More information about the Grml mailing list