Once in a while I am required to set up some virtual machines to test various Icinga stuff (I know, that can be automated, but anyway, normal user systems are not automated either, so the challenge is to know what a blank system looks like).
For testing the Icinga RPMs, a CentOS 6 netinstall VM is a pretty obvious choice, also for further testing of Icinga 2. While installing isn’t that much magic, getting sshd to accept root logins and public key authentication is.
First, the VM requires some port forwarding in VirtualBox, like mapping the guest's port 22 to the host's port 10022 (just greater than 1024 so as not to interfere with system services).
Boot the VM and log in there once. Now edit /etc/ssh/sshd_config to permit root login and to set authentication to public key:
# vim /etc/ssh/sshd_config

LoginGraceTime 2m
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
#PasswordAuthentication yes
PermitEmptyPasswords no
Then edit /root/.ssh/authorized_keys and add your public key (the one from the host).
While this should work on every other system, CentOS 6 has a bug which prevents sshd from accessing root's authorized_keys file when SELinux is running in enforcing/permissive mode.
So, disable SELinux for the time being (it's a localhost VM with restricted access anyway).
# vim /etc/sysconfig/selinux

SELINUX=disabled
and reboot the CentOS vm.
For laziness, create yet another bashrc alias on the host running the VM.
alias vm_centos6='ssh root@localhost -p 10022'
Voilà!
This is *NOT* a bug or a problem with SELinux; the file security contexts for a newly created $user/.ssh/authorized_keys directory and/or file are simply missing.
Restore them using: restorecon -R -v /root/.ssh
(or whatever the user is you are adding pubkey auth for)
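An added example (not part of the original post or the comment): a shell function that installs a public key with the ownership-only permissions that StrictModes checks for and then restores the SELinux file contexts with restorecon, so SELinux can stay enabled. The function name install_pubkey and the usage line are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; install_pubkey is a hypothetical helper, not from the post.
# Usage (assumed): install_pubkey /root "$(cat ~/.ssh/id_rsa.pub)"
install_pubkey() {
    home_dir=$1
    pubkey=$2
    ssh_dir="$home_dir/.ssh"
    auth_file="$ssh_dir/authorized_keys"

    [ -d "$home_dir" ] || { echo "no such home directory: $home_dir" >&2; return 1; }

    # One key per line: refuse empty or multi-line input.
    case $pubkey in
        ''|*'
'*) echo "refusing empty or multi-line key" >&2; return 1 ;;
    esac

    # With "StrictModes yes", sshd ignores keys when the directory or file
    # is writable by anyone but the owner, so create both with a tight umask.
    ( umask 077; mkdir -p "$ssh_dir" && touch "$auth_file" ) || return 1
    chmod 700 "$ssh_dir" && chmod 600 "$auth_file" || return 1

    # Append only if this exact line is not already present (idempotent).
    if ! grep -qxF -- "$pubkey" "$auth_file"; then
        # Do not glue the new key onto an existing last line without newline.
        if [ -s "$auth_file" ] && [ -n "$(tail -c 1 "$auth_file")" ]; then
            printf '\n' >> "$auth_file" || return 1
        fi
        printf '%s\n' "$pubkey" >> "$auth_file" || return 1
    fi

    # Newly created files can lack the expected SELinux context; restore it
    # instead of switching SELinux off. Skipped where restorecon is absent.
    if command -v restorecon >/dev/null 2>&1; then
        restorecon -R -v "$ssh_dir" || echo "restorecon failed for $ssh_dir" >&2
    else
        echo "restorecon not found; SELinux contexts left unchanged" >&2
    fi
    return 0
}
```

On the CentOS guest, run it as root and then retry the key login before touching /etc/sysconfig/selinux.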