Linux VM password reset under Windows Azure

Linux VM password reset under Windows Azure

On the previous article we introduced the password reset under Windows Azure for the passwords forgot reset, today describes the Linux VMS under Windows Azure for password resets.

There are two ways to forget a password, one is to know the account password to reset, the other is to not know the password that needs to be reset.

For example, the last administrator after the creation of the work has not handed over and left, the current administrator does not know the password, do not know to reset the password, so Windows Azure uses the overridden method to complete the password operation from the reset.

Prerequisite

Microsoft Azure Linux Agent 2.0.5 or later. Note that most Azure virtual machine Linux image libraries contain version 2.0.5. You can verify that this version is installed in the virtual machine by running waagent-version. To ensure the best user experience for your extender, we recommend that you update to the latest version by following the steps in "Additional considerations" at the end of this article.

Azure PowerShell. Please note that cross-platform CLI support for extenders is expected to be available in the coming weeks.

The new password or SSH key that you want to reset for your VM.

Use VMAccess Extension Program

Depending on what you want to reset for your VM, the use of VMAccess has 5 scenarios. These scenarios and the corresponding PowerShell sample scripts are described below. Note that you only need to specify a different parameter for each scene, and the second part after the comment "Start execution" is the same in different scenarios. The script is very simple.

(If you are using Ubuntu, you need to replace "waagent" in the above command with "Walinuxagent")

Note: 1. If you need to update to another version, see the GitHub instructions. 2. Root permission is required to run the above command.

Next we demonstrate that we know that Linux is generally logged on via SSL

650) this.width=650; "title=" clip_image002 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image002" src= "http://s3.51cto.com/wyfs02/M00/53/F9/wKiom1R1OP_g4mmBAADmu8Qj0C4373.jpg" height= "303"/>

Create a Linux computer

650) this.width=650; "title=" clip_image004 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image004" src= "Http://s3.51cto.com/wyfs02/M01/53/F9/wKiom1R1OP-Tbb5NAADlLGUccV8439.jpg" height= "308"/>

The default open port

650) this.width=650; "title=" clip_image006 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image006" src= "http://s3.51cto.com/wyfs02/M02/53/F9/wKiom1R1OP_xe5uPAADlX-3YWEo150.jpg" height= "321"/>

The default is to install the agent

650) this.width=650; "title=" clip_image008 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image008" src= "http://s3.51cto.com/wyfs02/M00/53/F9/wKiom1R1OP-wcVm4AADRKrVfGsI833.jpg" height= "334"/>

Creating VMS

650) this.width=650; "title=" clip_image010 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image010" src= "http://s3.51cto.com/wyfs02/M01/53/F9/wKiom1R1OP_itJKQAADP3AOmpkI011.jpg" height= "282"/>

We landed through Xshell.

650) this.width=650; "title=" clip_image012 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image012" src= "http://s3.51cto.com/wyfs02/M02/53/F9/wKiom1R1OP_CjHMFAAId6hk93hU795.jpg" height= "496"/>

We know that Ubuntu default root is not enabled, so we need to set a password for root and switch to root

Sudo passwd Root

650) this.width=650; "title=" clip_image013 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image013" src= "Http://s3.51cto.com/wyfs02/M00/53/F7/wKioL1R1OYGjcTs9AADnjyXbDnw390.jpg" height= "109"/>

And then through

Su Root

Switch to Root

650) this.width=650; "title=" clip_image014 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image014" src= "Http://s3.51cto.com/wyfs02/M01/53/F7/wKioL1R1OYGgYbKrAADE6JF-By4454.jpg" height= "101"/>

See which users can log in to the system

650) this.width=650; "title=" clip_image015 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image015" src= "http://s3.51cto.com/wyfs02/M02/53/F7/wKioL1R1OYHzp4MnAAEk4pkJF5Q446.jpg" height= "151"/>

My system has azureuser, root two users, I if the root password forgotten or azureuser password forgot what I should do, need to be reset via PowerShell Azure.

We downloaded Windows Azure Powershel, what is the difference between Windows Azure Poershell and the system comes with Windows PowerShell, the biggest difference is that there is no Azure-related service module, and no more introduction , with PowerShell, we need a subscription file for Windows Azure that we need to download through the Portal interface to Windows Azure or through PowerShell.

Https://manage.windowsazure.cn/publishsettings/index?client=powershell

650) this.width=650; "title=" clip_image017 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image017" src= "http://s3.51cto.com/wyfs02/M00/53/F7/wKioL1R1OYHDZzFsAAEXDjlx8vQ645.jpg" height= "340"/>

Running Windows Azure PowerShell

650) this.width=650; "title=" clip_image019 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image019" src= "http://s3.51cto.com/wyfs02/M01/53/F7/wKioL1R1OYGxXYR1AAD5Kwz_KWg628.jpg" height= "356"/>

Import a subscription file

650) this.width=650; "title=" clip_image021 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image021" src= "http://s3.51cto.com/wyfs02/M01/53/F9/wKiom1R1OQDi3xn8AAD8KZ4egr0632.jpg" height= "353"/>

The subscription file was imported successfully.

650) this.width=650; "title=" clip_image023 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image023" src= "http://s3.51cto.com/wyfs02/M02/53/F7/wKioL1R1OYGiMDGiAAFpsXPdtBM478.jpg" height= "349"/>

Because I have multiple subscriptions in my environment, we need to set a default subscription

650) this.width=650; "title=" clip_image025 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image025" src= "http://s3.51cto.com/wyfs02/M00/53/F7/wKioL1R1OYKgv5oQAAGJvBZ-DrA067.jpg" height= "357"/>

Check whether the default Azure account in Azure PowerShell is the account you want to operate on:

Enter the command:

Get-azuresubscription–default

, the subscription ID appears in the checked results to see if the sub ID is the subscription ID on your Azure management platform.

If the sub ID is different, you will need to reset the default account (it should be the same if you are doing it for the first time). To change a command:

Select-select-azuresubscription-subscriptionname "Add account name"-default

650) this.width=650; "title=" clip_image027 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image027" src= "http://s3.51cto.com/wyfs02/M01/53/F7/wKioL1R1OYKA8NyVAACErBLGXV8607.jpg" height= "the"/>

Note: If there are multiple subscription IDs under a subscription file, we can also choose to modify the specified subscription ID as the default

650) this.width=650; "title=" clip_image029 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image029" src= "http://s3.51cto.com/wyfs02/M02/53/F7/wKioL1R1OYLieKjyAACaNibWljo872.jpg" height= "118"/>

After modifying, we enter the command

Get-azurevm

(Check your virtual machine name and cloud service name)

650) this.width=650; "title=" clip_image031 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image031" src= "http://s3.51cto.com/wyfs02/M00/53/F7/wKioL1R1OYKCqlQCAAB0x14a9Vg036.jpg" height= "159"/>

Input command

$VM = get-azurevm-servicename "xxxx"-name "mxxx"

Define a variable VM, and then view information for the current service

#指定虚拟机

$VM = Get-azurevm-servicename ' myservicename '-name ' myvmname '

650) this.width=650; "title=" clip_image033 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image033" src= "http://s3.51cto.com/wyfs02/M01/53/F7/wKioL1R1OYLxzXZsAABS9ZS41Tk687.jpg" height= "Si"/>

(see if the output is ' true ') if the agent is installed, the returned result is true

$VM. GetInstance (). Provisionguestagent = $true

650) this.width=650; "title=" clip_image035 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image035" src= "http://s3.51cto.com/wyfs02/M02/53/F7/wKioL1R1OYLy6O2YAACUPoiWhoU885.jpg" height= "221"/>

#输入您当前的用户名和新密码

$UserName = "Currentname" $Password = "newpassword" $PrivateConfig = ' {"UserName": "' + $UserName + '", "Password": "' + $Pass Word + ' ""

650) this.width=650; "title=" clip_image037 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image037" src= "http://s3.51cto.com/wyfs02/M02/53/F9/wKiom1R1OQHSc6aEAAClM7Wysmc899.jpg" height= "168"/>

#开始执行

$ExtensionName = ' vmaccessforlinux ' $Publisher = ' microsoft.ostcextensions ' $Version = ' 1.0 ' set-azurevmextension- ExtensionName $ExtensionName-vm $vm-publisher $Publisher-version $Version-privateconfiguration $PrivateConfig | Update-azurevm

650) this.width=650; "title=" clip_image039 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image039" src= "Http://s3.51cto.com/wyfs02/M00/53/F7/wKioL1R1OYKSxAU4AAEObR8dja4629.jpg" height= "182"/>

Login via new password.

650) this.width=650; "title=" clip_image041 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;margin:0px;border-left:0px;padding-right:0px; "border=" 0 "alt = "clip_image041" src= "http://s3.51cto.com/wyfs02/M00/53/F9/wKiom1R1OQGDwxZfAAD9cflcd1k275.jpg" height= "285"/>

Windows Azure commands Combine:

Http://msdn.microsoft.com/en-us/library/dn495240.aspx

Note: There is a problem with code punctuation on the official website, so there is a problem with execution:

We can write the above code as a. ps file to execute.

 $VM  = Get-AzureVM -ServiceName  '? Zztestlinux '?￥ -name  '? Zztestlinux '? ￥ $VM. GetInstance (). provisionguestagent =  $true $username =  "Azureuser" $Password  =  "Password2014" $ privateconfig =  ' {"username": "' +  $UserName  +  '",  "password": "'  + $ password +  ' "} ' $ExtensionName  =  ' vmaccessforlinux ' $Publisher  =  ' Microsoft.ostcextensions ' $Version  =  ' 1.0 ' set-azurevmextension -extensionname $ extensionname -vm  $vm  -Publisher  $Publisher  -Version  $Version  - privateconfiguration  $PrivateConfig  | UPDATE-AZUREVM 

650) this.width=650; "title=" clip_image043 "style=" border-top:0px;border-right:0px;background-image:none; border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px, "border=" 0 "alt=" clip_ image043 "src=" http://s3.51cto.com/wyfs02/M01/53/F9/wKiom1R1OQGCt1u8AACRC6JrjPE513.jpg "height=" 232 "/>

2. Reset the SSH key only

 #Sample  script to reset your ssh keys# identify the vm$vm = get-azurevm -servicename  ' MyServiceName '  -Name  ' Myvmname ' #Enter  the current user name and the path of your  new public ssh key$username =  "Currentname" $cert  = Get-Content  " Certpath "$PrivateConfig  =  ' {" username ":" '  +  $UserName  +  ' ", " Ssh_key ":" '  +  $cert  +  ' "} ' # begin execution$extensionname =  ' Vmaccessforlinux ' $ publisher =  ' microsoft.ostcextensions ' $Version  =  ' 1.0 ' set-azurevmextension - extensionname  $ExtensionName  -VM  $vm  -Publisher  $Publisher  -version $ version -privateconfiguration  $PrivateConfig  | UPDATE-AZUREVM 

3. Reset the password and the SSH key

#Sample  script to reset your password and ssh key#identify the  VM$vm = Get-AzureVM -ServiceName  ' myservicename '  -Name  ' myvmname ' #Enter  the new password, and cert path of the new ssh public  key, with the current user name$UserName =  "Currentname" $Password  =  "NewPassword" $cert  = Get-Content  "Certpath" $PrivateConfig  =  ' {"username" : "'  +  $UserName  +  '",  "password":  " +  $Password  +  '",  "Ssh_key": "'  +  $cert  +  '"} ' # begin execution$extensionname =  ' Vmaccessforlinux ' $Publisher  =  ' microsoft.ostcextensions ' $Version  =  ' 1.0 ' set-azurevmextension -extensionname  $ExtensionName  -VM  $VM  -Publisher  $Publisher  -Version  $Version  -privateconfiguration  $PrivateConfig  | UPDATE-AZUREVM 

4. Create a new sudo user account

If You forget your user name, you can use VMAccess to create a new one with the sudo authority. Your original user name and login keys are not being modified, it should still work.

To create a new sudo user with password access, use the script in Scenario 1; For creating a new sudo user with SSH key access, use the script in Scenario 2;  You can also use scenario 3 to create a new user with both access; Remember the "UserName" to a new user name.

5. Reset the SSH configuration

If The SSH configuration is messed up, you might also lose the access to the VM. You can use VMAccess extension to reset the configuration to default. To does, you just need to remove all the new access parameters in the configuration (user name, password, or SSH key). The extension would restart the SSH server, open the SSH port on your VM, and reset the SSH configuration to default. The user account (password or SSH keys) of your VM remains unchanged.

Note, the SSH configuration file, get Reset is located at/etc/ssh/sshd_config.

#Sample script to reset the SSH configuration on your vm#identify the VM$VM = Get-azurevm-servicename ' myServiceName '-na Me ' myvmname ' $PrivateConfig = ' {' reset_ssh ': ' True '} ' # Begin execution$extensionname = ' vmaccessforlinux ' $Publisher = ' Microsoft.ostcextensions ' $Version = ' 1.0 ' set-azurevmextension-extensionname $ExtensionName-VM $VM-publisher $ Publisher-version $Version-privateconfiguration $PrivateConfig | Update-azurevm

Query the results

The status of the VMAccess extension could be retrieved using Azure PowerShell Cmdlet GET-AZUREVM or get-deployment.

Access the VM after resetting

After the VMAccess Extension completes resetting the credentials and configurations, you can log on to the instance using The new account name, password or SSH key.

Additional Notes

Note If you have want to reset the password or SSH key for the existing user account and you need to make sure the user name You entered matches the original user name. If you enter a name which is different from your original name, the VMAccess extension would consider this as scenario 4 lis Ted above, and create a new user account.

Known issue

When you run the PowerShell command ' set-azurevmextension ' on a Linux VM, you could hit following error: "Provision Guest Agen T must is enabled on the VM object before setting IaaS VM Access Extension.

Root Cause:when You create the image via portal with the value of the guest agent on the VM are not always set to "True". If your VM is created using PowerShell, you won't see this issue.

Resolution:add the following PowerShell command to set the provisionguestagent to "True";

$VM = Get-azurevm-servicename ' myservicename '-name ' myvmname ' $VM. GetInstance (). Provisionguestagent = $true

This article is from the "Gao Wenrong" blog, make sure to keep this source http://gaowenlong.blog.51cto.com/451336/1582670

Linux VM password reset under Windows Azure