Create AWS AMI with custom SSH username and password

Ramu Kambalapuram

September 3, 2017

Introduction

An EC2 instance launched from the Amazon Linux AMI comes up with the ec2-user account, and you can only SSH into that instance with a private key.

Need

We wanted an Amazon Linux AMI (base image) with a default username (similar to ec2-user) that allows SSH login with a password.

SSH login with a password is also a requirement for authenticating user logins against an OpenLDAP server. That way our IT Operations staff need not remember new login information. They can use their existing logins.

Solution

  1. Launch a micro instance from the Amazon Linux AMI.
  2. Connect to the instance with the private key.
  3. Create the SSH user and give it sudo permission (similar to ec2-user):
    1. sudo useradd -s /bin/bash -m -d /home/<ssh-user-home-directory> -g root <ssh-user-name>
    2. sudo passwd <ssh-user-name>
  4. Enable password login for SSH (add the following snippet at the end of the /etc/rc.local file):

           if grep -Fxq "PasswordAuthentication no" /etc/ssh/sshd_config
           then
                   # This instance is launching for the first time; enable SSH password login
                   sed -i 's/^PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
                   /etc/init.d/sshd restart
           fi

           This snippet changes PasswordAuthentication to yes in the sshd_config file. It has to run at boot because the sshd_config file is overwritten every time an instance is created from the AMI.

  5. Stop the instance.
  6. Select the instance and create an image from it.
  7. Launch a new instance from the AMI created above.
  8. After the instance is launched, you can log in with the SSH username you created in step 3.
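
The snippet in step 4 only fires when a line is exactly "PasswordAuthentication no", and its sed rewrites every unindented PasswordAuthentication line. The following is an added example, not code from the original post: a hypothetical helper, set_password_auth, that changes only the first active global directive, leaves Match blocks alone, handles a commented-out or missing directive, and reports whether sshd needs a restart. It assumes keyword and value are separated by whitespace.

```shell
#!/bin/sh
# Added example; set_password_auth is a hypothetical helper name.
# Usage:  set_password_auth <path-to-sshd_config>
# Return: 0 = file changed (restart sshd), 1 = already enabled, 2 = error.
set_password_auth() {
    cfg=$1
    [ -f "$cfg" ] || return 2

    # sshd keeps the first value it reads for a keyword, so look at the first
    # uncommented directive in the global section (before any Match block).
    current=$(awk '
        tolower($1) == "match" { exit }
        tolower($1) == "passwordauthentication" { print tolower($2); exit }
    ' "$cfg")
    if [ "$current" = "yes" ]; then
        return 1
    fi

    tmp=$(mktemp) || return 2
    if [ -n "$current" ]; then
        # Rewrite only that first active directive; later lines, including
        # per-user overrides inside Match blocks, are left untouched.
        awk '
            !done && tolower($1) == "passwordauthentication" {
                print "PasswordAuthentication yes"; done = 1; next
            }
            { print }
        ' "$cfg" > "$tmp"
    else
        # Directive absent or only commented out: put it at the top so it is
        # part of the global section and not swallowed by a Match block.
        { echo "PasswordAuthentication yes"; cat "$cfg"; } > "$tmp"
    fi

    # Write back through the existing file to keep its owner and permissions.
    cat "$tmp" > "$cfg"
    rm -f "$tmp"
    return 0
}

# In /etc/rc.local (runs as root), validate the result before restarting:
#   if set_password_auth /etc/ssh/sshd_config; then
#       /usr/sbin/sshd -t && /etc/init.d/sshd restart
#   fi
```

Because the helper returns 1 when password login is already enabled, sshd is restarted only on the first boot of an instance created from the AMI.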
