Create AWS AMI with custom SSH username and password

Introduction

EC2 instance that is launched with Amazon Linux AMI will come up with ec2-user and you can only SSH into that instance with Private Key.

Need

We wanted an Amazon Linux AMI (Base Image) with default username (similar to ec2-user) and that should allow SSH login with a password.

SSH login with a password is also a requirement for authenticating user login with OpenLDAP Server. That way our IT Operations need not remember new login information. They can use their existing logins.

Solution

Launch Amazon Linux AMI micro instance.
Connect to instance with private key
Create SSH User and give sudo permission (similar to ec2-user)
1. sudo useradd -s /bin/bash -m -d /home/<ssh-user-home-directory> -g root <ssh-user-name>
2. sudo passwd <ssh-user-name>
Enable Password login for SSH (add following snippet of code at the end of /etc/rc.local file)

if grep -Fxq “PasswordAuthentication no” /etc/ssh/sshd_config then #This instance launched for this first time, pleae enable SSH with password login sed -i ‘s/^PasswordAuthentication.*/PasswordAuthentication yes/’ /etc/ssh/sshd_config /etc/init.d/sshd restart fi This piece of code will change PasswordAuthentication to yes in sshd_config file. (If we don’t do this every time we create Instance with AMI that will overwrite sshd_config file)

Stop the instance
Select Instance and create Image
Now launch Instance with above created AMI.
After Instance is launched you can log in with ssh username you have created in step 3.

Create AWS AMI with custom SSH username and password

Contacts

Services

Quick Links