View Issue Details

IDProjectCategoryView StatusLast Update
0000331AlmaLinux-9Generalpublic2022-11-16 11:16
Reportersej7278 Assigned To 
Status newResolutionopen 
PlatformRaspberry PiOSAlmaLinuxOS Version9
Summary0000331: root SSH is disabled and there is no other user, so headless installs don't work
DescriptionIf you create a /boot/ssh file on the sdcard to enable sshd, you still can't login as "PermitRootLogin without-password" is set and of course there is no authorized_keys installed.

A default username/password with sudo enabled would solve this problem but as the RPi Foundation found, it created a security risk.

So can we have some other way of allowing a headless first boot - perhaps an option to create a user based on reading some hashed credentials file from /boot/ or even a way of injecting a root ssh key from /boot that's then moved to /root/.ssh/authorized_keys?

If you mount the sdcard on a Linux system you can change PermitRootLogin to "yes" but you have to ensure you keep the SELinux context of /etc/ssh/sshd_config or sshd.service won't start (as i found when using a Debian host!) I assume you'd have the same problem if you installed a root ssh key from a non-selinux-aware host.

As a primarily headless server distro, it does seem odd you need to boot with a keyboard and monitor (or maybe gpio serial?)
Steps To ReproduceCreate an empty ssh file in the root of the sdcard (which is basically the /boot partition), boot the pi and try to ssh as root
TagsNo tags attached.


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2022-11-16 11:16 sej7278 New Issue