 

Restarting EC2 and login as root

I am new to this AWS.

I launched one EC2 instance and used Cygwin to do the stuff. Everything is working: I launched the EC2 machine, and I am able to:

  1. Log in using ssh and the pem file (i.e. the key value pair name file) using the command: ssh -i pem.file root@ip (this works and I get logged in as the root user)
  2. Get root access using sudo -i
  3. Install anything, such as servers like Apache, Tomcat and all that

But once I stop the instance and start it again, it does not allow me to log in as root?

First of all, the IP changes every time I stop and start the machine.

Secondly, why, once the machine starts again after being stopped, does the command ssh -i pem.file root@ip show the following message:

[image]

Please shed some light.

Ankur Verma asked Dec 25 '22 13:12


2 Answers

It is because the AMI you used to launch the instance does not permit root login over SSH. What kind of Linux instance did you launch?

You can change that in /etc/ssh/sshd_config and the option would be PermitRootLogin yes (make sure to restart the sshd service). However, in order for the .pem key file to work, you'd have to set up the public key to work for root. The quick way to do that is to copy /home/cloud-user/.ssh/authorized_keys to /root/.ssh/authorized_keys. However, this is not a recommended practice.

The 'Please login as the user "cloud-user" rather than the user "root".' message you are getting is because of the command option in the /root/.ssh/authorized_keys.

As for the public IP of the instance, that's because your instance is what's called EC2 Classic. If you want the public IP to persist you will have to launch the instance in a custom VPC with an Internet Gateway and attach an Elastic IP to it. This is a good guide.

alkar answered Jan 13 '23 01:01
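
An added example (not part of the answer above, nor any project's code) that audits the two settings the answer names: the effective PermitRootLogin value in sshd_config and the command option on each key in root's authorized_keys. The sample file contents are constructed and the function names are hypothetical.

```python
import re

# Constructed samples, not taken from the original post.
SSHD_CONFIG = "#PermitRootLogin no\nPermitRootLogin without-password\nPermitRootLogin yes\n"
ROOT_KEYS = (
    r'''no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo '''
    r"""'Please login as the user \"cloud-user\" rather than the user \"root\".';"""
    r'''echo;sleep 10" ssh-rsa AAAAEXAMPLE1 constructed-key''' "\n"
    "ssh-ed25519 AAAAEXAMPLE2 copied-key\n"
)
# One option of an authorized_keys line; its value may be a quoted string.
OPTION = r'(?:[^\s,"]|"(?:\\.|[^"\\])*")+'

def permit_root_login(config_text):
    """Global PermitRootLogin value; sshd keeps the first one it reads."""
    for line in config_text.splitlines():
        words = line.split("#", 1)[0].replace("=", " ", 1).split()
        if words and words[0].lower() == "match":
            break  # anything below applies only conditionally
        if len(words) > 1 and words[0].lower() == "permitrootlogin":
            return words[1].lower()
    return "prohibit-password"  # OpenSSH default when the keyword is absent

def key_options(line):
    """Options field of one authorized_keys line, split on unquoted commas."""
    if line.startswith(("ssh-", "ecdsa-", "sk-")):
        return []  # the line starts with the key type: no options
    field = re.match(rf"{OPTION}(?:,{OPTION})*", line)
    return re.findall(OPTION, field.group(0)) if field else []

def forced_commands(keys_text):
    """One entry per key: its command= value, or None for an unrestricted key."""
    out = []
    for line in map(str.strip, keys_text.splitlines()):
        if line and not line.startswith("#"):
            cmds = [o[8:] for o in key_options(line) if o.lower().startswith("command=")]
            value = cmds[0][1:-1].replace('\\"', '"') if cmds else None  # unquote
            out.append(value)
    return out

def root_shell_over_ssh(config_text, keys_text):
    """True when sshd admits root by key and some key has no forced command."""
    mode = permit_root_login(config_text)
    return mode not in ("no", "forced-commands-only") and None in forced_commands(keys_text)
```

In the sample, the first key only prints the "Please login as" message, while the second key, with no command option, is the kind of entry that copying another user's authorized_keys into /root/.ssh would create.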


Did you install the cloud-init RPM? The cloud-init RPM for the CentOS AMI creates a user named cloud-user but without the requisite sudo privileges. So after a reboot there's no way to sudo or do anything meaningful.

To fix this issue, launch a vanilla CentOS instance, install the cloud-init RPM, but before rebooting, modify /etc/cloud/cloud.cfg to grant sudo privileges for cloud-user.

  default_user:
    name: cloud-user
    gecos: Cloud user
    groups: [wheel, adm]
    sudo: ["ALL=(ALL) NOPASSWD:ALL"]
    shell: /bin/bash

The sudo privileges of cloud-user will now survive a reboot. Alternatively you can retain root access as shown here.

toppur answered Jan 13 '23 00:01