Depending on your Linux flavor, the
ssh daemon might listen on all network interfaces on the default port and allow root and password logins.
This default configuration is not very safe. Automated scripts can try to guess the root password. You're at the mercy of the strength of your root passwords.
It's a good idea to make things stricter. Let's see how you can do this.
Create a user who can log in using his
ssh key instead of a password. Doing this with Chef is described in the Creating users from data bags section.
Make sure you have a cookbook named
my_cookbook and the
run_list of your node includes
my_cookbook as described in the Creating and using cookbooks section in Chapter 1, Chef Infrastructure ...