Password authentication on Amazon EC2 images
You can allow password authentication on Amazon EC2 images.
Usually, Amazon Linux images have password and root login
disabled by default. Amazon AWS EC2 recommends to use SSH keys to
access the images. The images are usually also sudo enabled.
You
can enable password and root login using the following procedure:
- Update the cloud-init configuration file to allow root access and password login.
- Update the authorized_keys file.
- Update the sshd_config file to enable password authentication and root login.
Note: Future Amazon updates to the images might require changes
to the procedure.
Update the cloud-init configuration file
Make sure that the following lines are in the /etc/cloud/cloud.cfg file:disable_root: false
ssh_pwauth: true
These properties enable root login and
password authentication in cloud-init. They are required to set the
password via user-data.Update the authorized_keys file
In the authorized_keys file, remove the command prefix and leave only the ssh-rsa statement. For example, change the following default content:no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login
as the user \"ec2-user\" rather than the user \"root\".';echo;sleep 10"
ssh-rsa <content of sshkey>
to the following content:ssh-rsa <content of sshkey>
Update the sshd_config file
Log on to the Amazon EC2 image by using SSH and complete the following steps:- Edit the /etc/ssh/sshd_config file.
- Update the following lines:
PasswordAuthentication yes PermitRootLogin yes
- Save the file.
- Run the following command:
sudo service sshd restart