default packer root user password - packer

{
"type": "amazon-ebs",
"instance_type": "t2.micro",
....
....
"ssh_username": "packer"
}
I am might be missing something I think,
What is the default packer root user password if not set on build ?
Thanks in advance

There is no such thing. Most Amazon AMI's uses cloud-init to retrieve a public ssh key that it will allow the default user to login with, this user will have password less sudo rights. The default user for Amazon Linux is ec2-user and for Ubuntu it's ubuntu.
If you only specify ssh_username in your packer template Packer will create a temporary keypair that it will use during provisioning.
You should probably read the AWS EC2 docs, especially AWS User Guide - EC2 Key Pairs

Related

GCE - different username if i use SSH or log in from terminal?

I created a new project with nothing in it.
When I created my first micro instance I did the following
Connect to it using the browser window SSH.
I see:
user_name#instance-1:~$
If I connect using the gcloud command:
gcloud compute --project "projectname-165421" ssh --zone "us-east1-b" "instance-1"
I am brought to:
username#instance-1:~$
Why is this happening, and how do I resolve it?
This is creating two separate users which is creating a great deal of confusion for me!
Thank you
By default, the cloudSDK will try to connect using the user running the command.
If you look at the docs,
It says you can specify the username like you would, with your default ssh client.
Meaning on your computer:
gcloud compute --project "projectname-165421" ssh --zone "us-east1-b" "user_name#instance-1"
Alternatively, switch user in the browser window SSH:
sudo su username
I use this command to fix it on MacOS:
LOGNAME=ubuntu gcloud compute ssh app1
In answer to some of the comments: yes, you can change the default username. This is stored under the environment variable $USER. You can view the current value of this variable by running in your local terminal:
echo $USER
You can set the value of this variable to the default user you would like, by running the following (assuming you are using any of bash/zsh):
export USER=the_new_default_user
For example, if the new desired default user is "pablo" then:
export USER=pablo
Now, every time you run the following command to ssh in your instance, you'll ssh into pablo:
gcloud compute ssh MY_INSTANCE
I hope this helps!

not able to run remote command in zabbix

I am trying to restart flanneld service running on one VM from my zabbix server UI using triggers and action. I followed the zabbix-docs. zabbix user has sudo permissions ( verified this by logging as zabbix user and running command sudo yum update ). Command used to start flanneld is sudo /usr/bin/flanneld. Does anyone know the cause ?
Configuration done :
Action is created on trigger "flanneld service not running" as-
Conditions :-
Trigger = my Zabbix server: flanneld service not running
Host = my Zabbix server
Operations :-
Target list : Host: my Zabbix server
Execute on Zabbix agent
Commands : sudo /usr/bin/flanneld
thanks in advance.
I would firstly append sudo within your script to the relevant sections so you do not need to worry about that and simply add the location to your script within Zabbix.
You will then need to ensure that you have enabled "EnableRemoteCommands" as by default running a remote command is disabled on a Zabbix agent.
You can do this by simply adding the following line in your zabbix_agent.conf file.
EnableRemoteCommands=1

How to get password for sudo

I'm trying to use the command sudo -i -u postgres for PostgreSQL, and the Google Compute Engine VM is asking me for my password for my account (not root).
As I never issued a password, and I always login to my server via SSH key, I'm not sure what the password is, how I can reset it, or where it can be found.
Please tell me where I can get my password?
To become another non-root user on a GCE VM, first become root via password-less sudo (since that's how sudo is configured on GCE VM images):
sudo su -
and then switch to the user you want to become or run a command as another use, e.g., in your case, that's:
sudo -i -u postgres
Per https://cloud.google.com/compute/docs/instances ,
The instance creator and any users that were added using the metadata
sshKeys value are automatically administrators to the account, with
the ability to run sudo without requiring a password.
So you don't need that non-existent password -- you need to be "added using the metadata sshKeys value"! The canonic way to do that, and I quote from that same page:
$ echo user1:$(cat ~/.ssh/key1.pub) > /tmp/a
$ echo user2:$(cat ~/.ssh/key2.pub) >> /tmp/a
$ gcloud compute project-info add-metadata --metadata-from-file sshKeys=/tmp/a
or you can use the Google Developers Console for similar purposes, see https://cloud.google.com/compute/docs/console#sshkeys if you'd prefer that.
Summary
While creating the VM, specify the ssh user in the "Enter the entire key data" box.
Details
generate the ssh key pair and identify the public key:
if ssh-keygen, a file ending with ".pub"
if PuTTYgen, the text in box "Public key for pasting ..."
Notice the fields, all one one line, separated by spaces: "protocol key-blob username".
For username, you may find your Windows user name or a string like "rsa-key-20191106". You will replace that string with your choice of Linux user name.
Paste the public key info into the "Enter the entire key data" box.
Change the 3rd field to the actual user that you want to create on the VM. If, for example, "gcpuser", then:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjUIG3Z8wKWf+TZQ7nVQzB4s8U5rKGVE8NAt/LxlUzEjJrhPI5m+8llLWYY2PH4atZzuIYvYR0CVWhZvZQzLQc33vDOjQohxV9Lg26MwSqK+bj6tsr9ZkMs2zqNbS4b2blGnr37+dnwz+FF7Es9gReqyPxL9bn5PU/+mK0zWMHoZSEfUkXBrgqKoMQTsYzbMERluByEpZm9nRJ6ypvr9gufft9MsWC2LPhEx0O9YDahgrCsL/yiQVL+3x00DO9sBOXxi8kI81Mv2Rl4JSyswh1mzGAsT1s4q6fxtlUl5Ooz6La693IjUZO/AjN8sZPh03H9WiyewowkhMfS0H06rtGQ== gcpuser
create your VM. (Debian, for example)
Connect to the VM
directly from ssh or PuTTY (not browser window)
use the private key
specify the user
Notice that your public key is present:
gcpuser#instance-1:~/.ssh$ cat authorized_keys
# Added by Google
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjUIG3Z8wKWf+TZQ7nVQzB4s8U5rKGVE8NAt/LxlUzEjJrhPI5m+8llLWYY2PH4atZzuIYvYR0CVWhZvZQzLQc33vDOjQohxV9Lg26MwSqK+bj6tsr9ZkMs2zqNbS4b2blGnr37+dnwz+FF7Es9gReqyPxL9bn5PU/+mK0zWMHoZSEfUkXBrgqKoMQTsYzbMERluByEpZm9nRJ6ypvr9gufft9MsWC2LPhEx0O9YDahgrCsL/yiQVL+3x00DO9sBOXxi8kI81Mv2Rl4JSyswh1mzGAsT1s4q6fxtlUl5Ooz6La693IjUZO/AjN8sZPh03H9WiyewowkhMfS0H06rtGQ== gcpuser
Notice that you are in group google-sudoers
gcpuser#instance-1:~/.ssh$ id
uid=1000(gcpuser) gid=1001(gcpuser) groups=1001(gcpuser),4(adm),30(dip),44(video),46(plugdev),1000(google-sudoers)
sudo to root with no password
gcpuser#instance-1:~$ sudo -i -u root
root#instance-1:~#
Notice the sudoers file:
root#instance-1:~# cat /etc/sudoers.d/google_sudoers
%google-sudoers ALL=(ALL:ALL) NOPASSWD:ALL
Conclusion
Specifying the username in "Enter the entire key data" has these results:
creating the user in the virtual machine.
uploading the key to ~/.ssh
membership in a passwordless sudo group

Trouble tunneling my local Wordpress install to the mysql database on appfog

I've set up a wordpress install on appfog (using rackspace), and cloned the install to my local machine for development. I know the install works (using MAMP) because I created a local mysql database and changed wp-config.php to point to it. However, I want to develop without having to change wp-config.php every time I commit. After doing some research, it seems like the Appfog service Caldecott lets me tunnel into the mysql database on the server, using af tunnel. Unfortunately, I'm having issues with getting it working. Even if I change my MAMP mysql port to something like 8889, and tunnel mysql through port 3306, it looks like it's connected but I still get "Error establishing a database connection" when loading my localhost Wordpress. When I quit the mysql monitor (using ctrl+x, ctrl+c), I get a message stating "Error: 'mysql' execution failed; is it in your $PATH?'. Originally, no, it wasn't, but I've fixed my PATH variable on my local machine so that when I go to Terminal and just type mysql, it loads up.
So I guess my question is 2 parts:
1.)Am I going with the right approach for Wordpress development on my local machine
and
2.)If so, why is the tunnel not working?
One way to deal with this is to mimic the VCAP_SERVICES environment variable on your local system with your local database settings. This would allow you to use the same custom AppFog wp-config.php file which looks at VCAP_SERVICES to get its db creds.
export VCAP_SERVICES='{"mysql-5.1": [{"credentials": {
"hostname": "localhost",
"port": 3306,
"password": "root",
"name": "LOCAL_DATABASE_NAME",
"user": "root"}}]}'
EDIT: You will need to restart the Apache server in MAMP after setting this env var. (Thanks Dex)
This will eliminate the need to point your development code at your production database.
simply test for whether vcap_services are available. if they are, use one config. if they arent, use a different config.
here is an example of my local + appfog development website configuration file.
if(getenv("VCAP_SERVICES")){
//if in webserver
$services_json = json_decode(getenv("VCAP_SERVICES"),true);
$mysql_config = $services_json["mysql-5.1"][0]["credentials"];
$username = $mysql_config["username"];
$password = $mysql_config["password"];
$hostname = $mysql_config["hostname"];
$port = $mysql_config["port"];
$db = $mysql_config["name"];
define("DB_SERVER", "$hostname");
define("DB_USER", "$username");//enter your database username
define("DB_PASS", "$password");//databse password
define("DB_NAME", "$db");//database name
} else {
//if in local development
define("DB_SERVER", "localhost");
define("DB_USER", "website");//enter your database username
define("DB_PASS", "dfgdfgdf");//databse password
define("DB_NAME", "fgdf_web");//database name
}
also, you can use .afignore same way you'd use .gitignore to ignore some files from the af update feature. u can update once with appropriate config, then add afignore, then it will never get updated again.
Here is a quick and very dirty script to automate the process based on Tim Santeford's answer. Be sure to change the LOCAL_DATABASE_NAME
#!/bin/bash
export VCAP_SERVICES='{"mysql-5.1": [{"credentials": {"hostname": "localhost", "port": 8889, "password": "root", "name": "LOCAL_DATABASE_NAME", "user": "root"}}]}'
/Applications/MAMP/Library/bin/httpd -k stop
sleep 3
/Applications/MAMP/Library/bin/httpd -k start

create new database on xampp

How can I create new database on xampp on centos 5? When I hot mysql -u root -p in terminal it says no mysql command found. When I go to phpMyAdimn page it do not accepts my username/password. What to do in this situation to create new database? Mysql service of xampp is running because when I run "ps ax | grep mysql" I can see xampp mysql process.
Symptom: Create new database: No Privileges
Worked for me in "standard" xampp on linux after running /opt/lampp/lampp security:
To add a new database log in to phpmyadmin as user "root" with password as defined for user "pma".
I have to put this in an answer (for the syntax) and it will look like this (in some file called "createDB.php")
You can run it with command-line "php createDB.php", or you can use your browser to set the adress "createDB.php" in your localhost, when you copy your file in the opt/lampp/htdocs folder.
I did not test it but it should work.
<?php
$con = mysql_connect("localhost","louis","abc123");
if (mysql_query("CREATE DATABASE my_db",$con))
{
echo "Database created";
}
?>
As you have indicate mysql process is running.
So, try
locate mysql
which mysql
whereis mysql
It could be your login session does not include the actual path to mysql client program.