vagrant login as root by default

Question

Problem: frequently the first command I type to my boxes is su -.

Question: how do I make vagrant ssh use the root user by default?

Version: vagrant 1.6.5

Answer 1

This is useful:

sudo passwd root

for anyone who's been caught out by the need to set a root password in vagrant first

Answer 2

Solution:
Add the following to your Vagrantfile:

config.ssh.username = 'root'
config.ssh.password = 'vagrant'
config.ssh.insert_key = 'true'

When you vagrant ssh henceforth, you will login as root and should expect the following:

==> mybox: Waiting for machine to boot. This may take a few minutes...
    mybox: SSH address: 127.0.0.1:2222
    mybox: SSH username: root
    mybox: SSH auth method: password
    mybox: Warning: Connection timeout. Retrying...
    mybox: Warning: Remote connection disconnect. Retrying...
==> mybox: Inserting Vagrant public key within guest...
==> mybox: Key inserted! Disconnecting and reconnecting using new SSH key...
==> mybox: Machine booted and ready!

Update 23-Jun-2015: This works for version 1.7.2 as well. Keying security has improved since 1.7.0; this technique overrides back to the previous method which uses a known private key. This solution is not intended to be used for a box that is accessible publicly without proper security measures done prior to publishing.

Reference:

• https://docs.vagrantup.com/v2/vagrantfile/ssh_settings.html

Answer 3

This works if you are on ubuntu/trusty64 box:

vagrant ssh

Once you are in the ubuntu box:

sudo su

Now you are root user. You can update root password as shown below:

sudo -i
passwd

Now edit the below line in the file /etc/ssh/sshd_config

PermitRootLogin yes

Also, it is convenient to create your own alternate username:

adduser johndoe

Wait until it asks for password.

Answer 4

If Vagrantfile as below:

config.ssh.username = 'root'
config.ssh.password = 'vagrant'
config.ssh.insert_key = 'true'

But vagrant still ask you root password, most likely the base box you used do not configured to allow root login.

---

For example, the offical ubuntu14.04 box do not set PermitRootLogin yes in /etc/ssh/sshd_config.

So If you want a box can login as root default(only Vagrantfile, no more work), you have to :

1. Setup a vm by username vagrant(whatever name but root)

2. Login and edit sshd config file.

   ubuntu: edit /etc/ssh/sshd_config, set PermitRootLogin yes

   others: ....

   (I only use ubuntu, feel free to add workaround of other platforms)

3. Build a new base box:

   vagrant package --base your-vm-name
   

   this create a file package.box

4. Add that base box to vagrant:

   vagrant box add ubuntu-root file:///somepath/package.box
   

   then, you need use this base box to build vm which allow auto login as root.

5. Destroy original vm by vagrant destroy

6. Edit original Vagrantfile, change box name to ubuntu-root and username to root, then vagrant up create a new one.

It cost me some time to figure out , it is too complicate in my opinion. Hope vagrant would improve this.

Answer 5

Dont't forget root is allowed root to login before!!!

Place the config code below in /etc/ssh/sshd_config file.

PermitRootLogin yes

Answer 6

Note: Only use this method for local development, it's not secure. You can setup password and ssh config while provisioning the box. For example with debian/stretch64 box this is my provision script:

config.vm.provision "shell", inline: <<-SHELL
    echo -e "vagrant\nvagrant" | passwd root
    echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
    sed -in 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
    service ssh restart
SHELL

This will set root password to vagrant and permit root login with password. If you are using private_network say with ip address 192.168.10.37 then you can ssh with ssh root@192.168.10.37

You may need to change that echo and sed commands depending on the default sshd_config file.

Answer 7

Adding this to the Vagrantfile worked for me. These lines are the equivalent of you entering sudo su - every time you login. Please notice that this requires reprovisioning the VM.

config.vm.provision "shell", inline: <<-SHELL
    echo "sudo su -" >> .bashrc
SHELL

Answer 8

I know this is an old question, but looking at the original question, it looks like the user just wanted to run a command as root, that's what I need to do when I was searching for an answer and stumbled across the question.

So this one is worth knowing in my opinion:

vagrant ssh servername -c "echo vagrant | sudo -S shutdown 0"

vagrant is the password being echoed into the the sudo command, because as we all know, the vagrant account has sudo privileges and when you sudo, you need to specify the password of the user account, not root..and of course by default, the vagrant user's password is vagrant !

By default you need root privileges to shutdown so I guess doing a shutdown is a good test.

Obviously you don't need to specify a server name if there is only one for that vagrant environment. Also, we're talking about local vagrant virtual machine to the host, so there isn't really any security issue that I can see.

Hope this helps.

Answer 9

I had some troubles with provisioning when trying to login as root, even with PermitRootLogin yes. I made it so only the vagrant ssh command is affected:

# Login as root when doing vagrant ssh
if ARGV[0]=='ssh'
  config.ssh.username = 'root'
end

Answer 10

I used vagrant putty with the vagrant multi putty plugin, it took me directly to root.

Answer 11

this may help along answering how to allow root access, as well as password based access to vagrant.

the official image by debian (latest stable debian 12 bookworm) does not include permission for root login as well as password based authentication.

there are a few configurations that will affect connectivity, such as insert key (not needed; default is fine), the ssh.username and ssh.password should not be set as it will default to password based auth when trying to spin up the instance. Contrary to the above, it seems like newer vagrant versions do not timeout; we will get the following error instead.

    single: Warning: Authentication failure. Retrying...
    single: Warning: Authentication failure. Retrying...
    single: Warning: Authentication failure. Retrying...
Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.
...

the following is configured in Vagrantfile.

# note that the following few settings (insert key, username, password) can/needs to be omitted.
# config.ssh.insert_key = false
# config.ssh.username = 'vagrant'
# config.ssh.password = 'vagrant'

config.vm.box = "debian/bookworm64"
config.vm.provision "shell", inline: <<-'SHELL'
  sed -i 's/^#* *\(PermitRootLogin\)\(.*\)$/\1 yes/' /etc/ssh/sshd_config
  sed -i 's/^#* *\(PasswordAuthentication\)\(.*\)$/\1 yes/' /etc/ssh/sshd_config
  systemctl restart sshd.service
  echo -e "vagrant\nvagrant" | (passwd vagrant)
  echo -e "root\nroot" | (passwd root)
SHELL

hope it helps.

with kudos to a similar issue reference : How to enable password ssh authentication for Vagrant VM?

Answer 12

vagrant destroy
vagrant up

Please add this to vagrant file:

config.ssh.username = 'vagrant'
config.ssh.password = 'vagrant'
config.ssh.insert_key = 'true'