Linux.com

Home Learn Linux Linux Answers Drivers Password protecting AMI instance
Answers
  • Tried to figure out how it works. But I guess it doesnt work the way I wanted.
    So we decided to go with password login.

    I edited the sshd_config file and set the:
    PasswordAuthentication Yes

    And disabled the root login..

    Answered by kunal
    5 years ago
    1 0
  • Hello Kunal,

    please bear in mind that the whole purpose of a ssh-based login is to replace the password login with something more secure, the use of a secret key to provide a digital signature instead of a cleartext password (on the wire).

    That's why it is a bad idea to return to password logins. Here is how you can proceed:

    Usually the secret key resides only on your local machine, but with EC2 it also is stored here without protection. Another bad idea.
    That, in essence, is the reason why you are not requested for a root password when you use your key.pem.

    If you protect your secret key with a password and reliably remove the unprotected one, everyone who wants to login as root on the instance will have to provide this password in order to get access to your instance.

    Personally, I would not use the old one for this purpose, as someone might have copied this unprotected file already. So you need to create a new one, which also will be unprotected. But then you can simply set a password with the following command and remove the unprotected file from the system:

    ssh-keygen -p -P "" -N "thisisthenewpassword" -f yourunprotected.pem

    This command would overwrite the unprotected file with the new password protected rewritten secret key.

    If you use it you would be prompted for the password to unlock the (protected) secret key and then it is used to create a digital signature which eventually lets you log into the instance.

    Ralph

    Answered by kerrylinux
    4 years ago
    0 1
  • Hi Ralph,

    Thanx for the answer :) Its took ages to get this answer ;)

    Answered by kunal
    4 years ago
    0 0
Please register/login to answer this question. Click here to login
Similar Questions Found
Questions from category Drivers

Upcoming Linux Foundation Courses

  1. LFD411 Embedded Linux Development
    25 Aug » 29 Aug - Santa Clara, CA
    Details
  2. LFS422 High Availability Linux Architecture
    08 Sep » 11 Sep - Raleigh, NC
    Details
  3. LFS426 Linux Performance Tuning
    08 Sep » 11 Sep - New York
    Details

View All Upcoming Courses

Community Answers - Search


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board