Score:0

EC2 disabling SSH password authentication from snapshot

br flag

I maintain a CentOS 7 server in AWS EC2 which uses password authentication instead of private keys (this is beyond my control).

I recently started testing a daily backup system using snapshots of the EBS volume. However, if I create an AMI from those snapshots and launch a new instance, it is impossible to connect using SSH. I investigated further and found out that the reason is because at instance launch, EC2 changes my /etc/ssh/sshd_config from PasswordAuthentication yes to PasswordAuthentication no. This happens even if I choose not to associate a key pair during the launch wizard.

Is there some way to prevent EC2 from doing this unwanted modification? Is this located in a script somewhere inside the machine that I can edit or disable?

Score:0
br flag

Managed to get it working. These launch-time configurations (called cloud_init) are located inside /etc/cloud/cloud.cfg. Just change ssh_pwauth to 1 in the main machine and future snapshots will already work appropriately.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.