after installing turnkey appliances as Virtual-Containers in Proxmox, I am not able to login because the initiall loginscreen for entering the passwords do not show up !!!

default passwords  are much better , it's in everybodys reponsibility to manage security

...nevertheless what can I do ?

thanks for help

sti

Forum: 
Jeremy Davis's picture

IIRC the inithooks should be sitting there waiting for you on tty1. So if you log in via SSH or the PVE webUI console it should be there waiting for you, ready to enter your passwords.

If you use commandline to enter the instance from the host, then you are correct that 'pct enter VMID' won't show them, but if you use 'pct console VMID' instead then you will see them.

Whilst default passwords may be ok for some users; many users do not change default passwords, then think our servers are insecure when they get hacked! To avoid risk of that, we decided that forcing users to set a password at firstboot was a better way to go.

thanks for answering..

? what do you mean by..

"If you use commandline to enter the instance from the host ..."

I tried via the  console buttons inside pve (there a 2) and from a workstation via ssh !

tty1 shows up with a commandline asking me username and password !

no new-password dialog shows up !

 

 

 

Jeremy Davis's picture

But if you access it via the built in PVE console browser window, then as soon as you log in, it should be there.

Perhaps if you can tell me which specific appliance I can double check and see if I can reproduce the issue. Maybe you've stumbled across a bug? When I build the ISOs I build them to container locally and test on Proxmox. However, they aren't exactly the same build (they come from the same source ISO, but my test containers I build locally, rather than on TurnKey infrastructure) so perhaps something went wrong?!

The only other thing that occurs to me is that on the very first boot, it will take a few minutes for the interactive session to start (it does a ton of non-interactive stuff like regenerating secret keys etc first). If you try to log in before that has done, then you may get some weird results. In Proxmox, if you open your containers console window when you first launch it, then you should see all that happening stuff within the console window. When it's finished it will ask for log in. When you log in, it should be there ready to go...

I was referring to using Proxmox's commandline interface (rather than the webUI). It sounds like you are not very familiar with that, so there's probably no need to go down that path. FWIW I only said that as it's a known "issue" and I had no way to know how much of an expert you were...

I tried several.... 

but the last one was fileserver.   ..but also openvpn

why don't you let a default initial password and in addition show up the password-dialog to avoid those problems.

...as I said the user himself is responsible for security

I'll give it another try with a lot off calm

 

"I'll give it another try with a lot off calm "

same result no dialog

Jeremy Davis's picture

The fact that you're having the same experience with multiple different containers and that no ones else has reported anything similar recently, makes me wonder if there is something you're missing, or something amiss with your set up?! Within the last few days I've been speaking with some other Proxmox users who are definitely not experiencing this issue. And I can't reproduce this issue at all?! So I wonder what it might be?

FWIW we've been using this method of setting passwords on firstboot for many years now to great effect. Other than a couple of specific inithook bugs (which are always quicly resolved, and occur very rarely since we've introduced our more intensive testing regime) it's worked flawlessly and has massively reduced the complaints about servers being hacked... So whilst you are right that security is everyone's business, if we can ensure users have less traps to fall in, the better!

TBH, I'm not sure how this issue could be caused by Proxmox, but just in case, could you please give me some more info re your Promxox version. Proxmox should only download the current container templates and should also check the hash to ensure it hasn't been corrupted. That should mean that the container templates you have are ok, but perhaps it's also worth double checking them too? You can find the relevant hash files on our mirror. You will notice that the older v14.1 appliances have a "sig" file rather than a "hash" file. That's because we've adjusted that for the new release (still in progrewss hence why some are v14.1 and others 14.2). These 2 different files are essentially the same and provide similar info.

FWIW, I just upgraded my version of Proxmox to the latest stable (4.4-13). I then downloaded a fresh v14.1 Fileserver container template (via PVE webUI). But it still "just works" for me?!

I'm not sure whether it's really much help, but I took a few screenshots as I was going and have uploaded them to github here. Perhaps browse through those and see if you can spot anything you may be missing. Or at least if you can clarify when your experience diverges?!

cartland's picture

I'm on Proxmox 5.2-5 and running several VMs just fine.

Sorry if I'm raising an old thread but it matches exactly my problem.

I just tried setting up several different LXC turnkey servers. I cannot login to any of them. My config screens look much the same as those at https://github.com/JedMeister/pve-screenshots. I even tried debian-8-turnkey-fileserver_14_2-1_amd64 as a test.

The root user and password from the config screen do not work - Login incorrect and the first boot configuration screen does not come up.

cartland's picture

aaaaa worked. Others fail: qazwsx and abcabc

??

Oh Well!

 

Michael Larsen's picture

I also run Proxmox: PVE Manager Version pve-manager/4.4-15/7599e35a.

And I have the same problem, that I cannot login with the root account after the installation.

I tried many times now installing the LXC container, and could not login.

I then tried to set the IP address to DHCP, and now I suddenly could login and get the initialization screen.

Maybe there are an issue there ??

anyway thanks for a great product :-)

Jeremy Davis's picture

Normally, I set the container's static IP in the PVE config prior to launch. E.g.:

If you're not doing that, that would explain your behaviour (if a static IP is not set, then you would need to get an IP via DHCP).

Michael Larsen's picture

I do set an IP address correctly when using the static way.

But I cannot login with the password that was defined in the config guide.

Jeremy Davis's picture

When you launch a new container on Proxmox you set the root password prior to launch. It's actually on the first screen as per this screenshot:

Then you should be able to log in via SSH using the username "root" and the password that you set there.

If that's not working, then the only thing that I can think of is perhaps a keyboard issue or some other language related issue?! Unfortunately TurnKey currently requires a US international keyboard, at least for initial log in and set up. It also default to US English. I can confirm that on current Proxmox, all the appliances I have tested work as they should.

If you are using a non-US keyboard but have one handy, perhaps try with that? Even if you don't have a different keyboard, you may be able to try using a fairly simple password. Alternatively, you could generate SSH keys and upload your public key when you create the container (again see the screenshot; there is a button to upload your public SSH key.

Alternatively, if you are sure it is a TurnKey related bug, please spell out exactly how I can recreate the issue. If we can reproduce the issue, we can fix it! :)

Add new comment