You should never depend on
root login when dealing with OpenStack cloud. Pretty much all pre-prepared cloud images have it disabled by default. Ideally all your user provisioning should be done as part of the
cloud-init procedure and there you should either create your own user or work with the default
cloud-user and the key you provisioned. But what if you are troubleshooting some weird (network) issue and you need console login for your image?
Well, you can always re-enable root user by directly modifying qcow2 image.
To edit qcow2 images, we need first to install
libguestfs-tools. On my Linux Mint, that requires the following:
sudo apt-get install libguestfs-tools
Of course, if you are using yum or some other package manager, adjust accordingly. :)
Once installation is done, we simply mount image into
/mnt/guestimage and modify the
shadow file to assign password (
changeme in this example) to the root user:
sudo mkdir /mnt/guestimage
sudo guestmount -a rhel-server-7.5-update-3-x86_64-kvm.qcow2 -m /dev/sda1 /mnt/guestimage
sudo sed -i 's/root:!!/root:$1$QiSwNHrs$uID6S6qOifSNZKzfXsmQG1/' /mnt/guestimage/etc/shadow
sudo guestunmount /mnt/guestimage
sudo rmdir /mnt/guestimage
All nodes installed from this image will now allow you to use root login with password authentication. Just don’t forget to remove this change once you’re done troubleshooting.
PS: While I use Red Hat image in the example, the procedure also applies to CentOS and most of other cloud distributions too.