Password based auth is disabled on cloud VMs due to security constraints.

VOS has “admin” as default user. Azure does not allow to use “admin” or “Administrator” user during VM launch itself. (Restriction/Limitation from Azure).

Azure uses cloud init module “users-groups” to create non-default user in VM while deploying the VM. But Versa has not included cloud init module “users-groups” due to security constraints.

There are 3 solutions for this:

• Inject ssh key using custom data field while on boarding VM on Azure either via Power Shell, Azure CLI, terraform etc.
• Inject ssh key to admin user after login from Azure Console.
• Use reset password option from Azure Portal which creates non-default user and inject ssh key also.

We recommend using 1st approach to deploy VM using automated way rather than doing it from Azure Portal

Use Reset password option from Azure Portal (once you deployed the VM) by adding the Public Key for any non-admin user say “azureuser” (Azure does not allow to use admin or Administrator username).

Then login using key based method with azureuser.

Once log in switch to admin user “sudo su - admin”.

NOTE: Only below part is required for AWS, as AWS provides login via key used during launch instance.

If you are going to trigger ZTP manually then make sure to add exception for password-based authentication for Director Northbound and Southbound IPs in /ect/ssh/sshd_config file and restart ssh services “sudo service ssh restart”.

Format below to be added in /etc/ssh/sshd_config:

Match address <Director south IP >

    PasswordAuthentication yes

Match all

Match address <Director north IP >

    PasswordAuthentication yes

Match all