IBM Cloud Orchestrator, Version 2.5

Password authentication on Amazon EC2 images

You can allow password authentication on Amazon EC2 images.

Usually, Amazon Linux images have password and root login disabled by default. Amazon AWS EC2 recommends to use SSH keys to access the images. The images are usually also sudo enabled.
You can enable password and root login using the following procedure:
  1. Update the cloud-init configuration file to allow root access and password login.
  2. Update the authorized_keys file.
  3. Update the sshd_config file to enable password authentication and root login.
Note: Future Amazon updates to the images might require changes to the procedure.

Update the cloud-init configuration file

Make sure that the following lines are in the /etc/cloud/cloud.cfg file:
disable_root: false
ssh_pwauth:   true
These properties enable root login and password authentication in cloud-init. They are required to set the password via user-data.

Update the authorized_keys file

In the authorized_keys file, remove the command prefix and leave only the ssh-rsa statement. For example, change the following default content:
no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login 
as the user \"ec2-user\" rather than the user \"root\".';echo;sleep 10" 
ssh-rsa <content of sshkey>
to the following content:
ssh-rsa <content of sshkey>

Update the sshd_config file

Log on to the Amazon EC2 image by using SSH and complete the following steps:
  1. Edit the /etc/ssh/sshd_config file.
  2. Update the following lines:
    PasswordAuthentication yes
PermitRootLogin yes
  3. Save the file.
  4. Run the following command: 
    sudo service sshd restart
Parent topic: Reference