On 2025-10-14 10:19:32 -0000 (-0000), hamid.lotfi@gmail.com wrote:
When creating an instance in OpenStack, you can use the --user-data option to pass a cloud-init configuration file to the instance at boot time. This file allows you to automate initial setup tasks such as setting a user password [...] password: ahmad [...]
While probably okay for testing purposes, this is not safe in general. See https://wiki.openstack.org/wiki/OSSN/OSSN-0074 for one reason, but there are also other ways metadata might end up exposed. The better solution, and what basically everyone I know does, is to avoid password login and use SSH key authentication instead. Even the risks from instance metadata leaks notwithstanding, passwords can (and will) be remotely brute-forced if your sshd is listening on an Internet-reachable address. If someone manages to fish your SSH public key digest out of metadata on the other hand, there's not really anything they can do with that. -- Jeremy Stanley