I’ve setup and deleted several instances with DreamCompute, getting my feet wet, and learning how much I don’t know about the latest available software like apt-get, apache2, and vsftpd. It’s a slow learning experience but not painful.
The only bit of pain occurred a couple days ago when I must have changed something in the firewall that blocked external access via SSH and SFTP. With no password on the default user “ubuntu” (using keys for secure access), no password for root, and no other users, there wasn’t a way to get into the OS to fix the problem. I did try to get in through the DC/OpenStack “Console” option, but the password for user ubuntu was unknown and the QEMU (browser-based emulator) doesn’t use keys like other application-based SSH.
Support recommended alternatives to accessing the file system for some surgery, but this was a test instance (albeit with a lot of stuff installed), and not worth the heroic effort, so RIP, I deleted the whole instance in a sort of laughing rage quit.
For my next instance, I’m going to create a new user to get in, just in case I do again whatever it was that I did before. Is that OK for security?
I read everywhere about using the OpenStack CLI for more controlled access to the environment. Could the CLI help in a situation like this, to maybe SSH into an instance from within the data center? I’ve been avoiding the CLI as an unnecessary evil so far.
I read that a generated password for “ubuntu” is displayed during the initial instance creation. I didn’t know to look for that and save the info. I couldn’t find the instance creation in the logs from the dashboard. Is it OK to reset the password on that “magic” user?