Moodle icon indicating copy to clipboard operation
Moodle copied to clipboard
verified publisher icon Azure

Login to Linux VMs with AAD as alternative to SSH

Open nimojg-microsoft opened this issue 7 years ago • 3 comments

Looks like it'd require the install of some VM extensions = documented here: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/login-using-aad

Note the feature is currently in preview and shouldn't be used with production VMs

nimojg-microsoft avatar May 29 '18 17:05 nimojg-microsoft

Apart from debug purposes there is almost no reason to log into the cluster. Those who are debugging issues almost certainly are comfortable with Linux and thus SSH keys. Am I missing an important use case for this one?

SorraTheOrc avatar May 30 '18 05:05 SorraTheOrc

@rgardler -- No, I don't think so. I agree with you.

hosungsmsft avatar May 30 '18 14:05 hosungsmsft

Just wanted to point out that this AAD extension still requires an admin user either with an SSH key or a password (in which case an SSH key is preferred definitely. See https://docs.microsoft.com/en-us/azure/virtual-machines/linux/login-using-aad#create-a-linux-virtual-machine), so this AAD extension doesn't replace the SSH key requirement, but just adds capability to log in with an AD account, which may not be desirable for other reasons. The SSH key (or password) requirement for an admin account is an Azure CRP (Compute Resource Provider) API requirement that can't be replaced with this AAD extension, so that's why.

I'm personally inclined not to add this option to the templates. If users want/need, they should do this after the initial deployment.

hosungsmsft avatar May 30 '18 17:05 hosungsmsft