How Can I Enable Root SSH Access in An Amazon EC2 Instance?

This issue has been bugging me for the past several days.

I've been working on setting up a LAMP Server on Amazon EC2. The main issue is that I'm writing an application for a client that requires a lot of high-end processing, and Amazon EC2 seemed like a good choice.

Initially I started off with a basic AMI which really didn't have anything. I tried using root access to log into SSH (using WinSCP) and I was told to use ec2-user.

I tried using ec2-user, and I was able to log in. However, I still didn't have root access and couldn't install apache. I did some research and I found out about the "sudo" command, and pretty much every article I read on this issue said to either use root access, or log into ec2-user and use sudo.

I have since tried again with a different AMI where LAMP was already installed. I was able to get it working, set up a database and start running a website off of it. However, I still needed to install some extensions. Namely, an API I'm trying to use for this application requires SOAP to be installed.

Here's my dilemma:

    /$ whereis soap
    soap:
    /$ whereis yum
    yum: /usr/bin/yum /etc/yum /etc/yum.conf /usr/share/man/man8/yum.8.gz
    /$ yum install php-soap
    Loaded plugins: fastestmirror, priorities, security
    You need to be root to perform this command.
    /$ sudo yum install php-soap
    sudo: sorry, you must have a tty to run sudo

Command 'sudo yum install php-soap' failed with return code 1 and error message sudo: sorry, you must have a tty to run sudo

I can't use yum because I don't have root access, and whenever I log into root it either tells me to use ec2-user or provide a password I don't have. The other alternative was to use sudo to make ec2-user act like root, but I always get the error 'sorry, you must have a tty to run sudo.' I've run that error message online and it seems I need to add a user to sudoers... which I can't do without root access.

This exact same issue plagued me on two separate AMIs. On the first I just received a message saying I had to log in as ec2-user (and I must have a tty to run sudo), while the second (with LAMP installed) required me to enter a password for root, and for user I got the same sudo error.

Here are the IDs of the AMIs I used:

ami-8c1fece5
ami-6ae81503

I also tried a third AMI later that also had LAMP installed... I couldn't even get into that one at all.

I did download my SSH key and used PuttyGen to convert it to a ppk file. I can log in successfully as ec2-user, but I cannot gain root access anywhere.

I have been looking around quite a bit for help on this, but every article I've read assumes that the user either has root access available or has sudo available on ec2-user. I don't have either. Is it just that I need a new image?

Any help would be greatly appreciated...


I just tried

    $ sudo su

on one of your AMIs and voila! I am root...

Have fun!

    [ec2-user@ip-10-244-146-238 ~]$ sudo su
    [root@ip-10-244-146-238 ec2-user]#


Use a real SSH client like PuTTY, not WinSCP, a file transfer client. All your problems will disappear.


For Debian or Ubuntu EC2:

  1. Set root password via putty:

    sudo passwd root
    
  2. Log in to putty as root

    ubuntu@aws1:~$ su
    Password:
    
  3. Edit your /etc/ssh/sshd_config file and comment out the last HostKey statement or the one similar to the last one in the example below:

    vi /etc/ssh/sshd_config

Then

    # HostKeys for protocol version 2
    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_dsa_key
    HostKey /etc/ssh/ssh_host_ecdsa_key
    #HostKey /etc/ssh/ssh_host_ed00000_key

  4. In the same file, change the following to look like below:

    PermitRootLogin yes
    #PasswordAuthentication no

  5. Restart ssh

    service ssh restart

  6. Log in as root with password from WinSCP

*I recommend creating a backup of the file sshd_config before editing and then revert back to original when done.


(Bug report?) This is my log on an instance of ec2, sometimes sudo su doesn't work. I have to log out and ssh again to have it working.

    [ec2-user@ip-XXXX ~]$ su root
    Password:
    su: incorrect password
    [ec2-user@ip-XXXX ~]$ exit
    logout
    Connection to ec2-50XXXX.compute-1.amazonaws.com closed.
    ssh -i automata.pem ec2-user@ecXXXX.compute-1.amazonaws.com
    whereis yum
    yum: /usr/bin/yum /etc/yum.conf /etc/yum /usr/share/man/man8/yum.8.gz
    [ec2-user@ip-XXXX ~]$ sudo su
    [root@ip-XXXX ec2-user]#


The file:

    /etc/sudoers

has a line

    Defaults requiretty

Commenting this out probably will make the error go away.

I would first try to understand why something in your yum command no longer has a tty.

Changing a security related file like /etc/sudoers is potentially quite dangerous.


You need to edit the sshd_config file to allow password based access, and you need to add a password to your root user. Simple, just follow the steps:

    sudo passwd root
    sudo nano -w /etc/ssh/sshd_config

Uncomment/add the following line:

    PasswordAuthentication yes
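
The sshd_config edits described in the answers above (`PermitRootLogin yes`, with `PasswordAuthentication no` commented out or replaced by `yes`) leave root reachable over SSH with only a password. The script below is an added example, not part of any answer in this thread: it reports the effective global value of both keywords in a config file and flags that combination. The function names, the constructed sample files and the assumed OpenSSH defaults are illustrative.

```shell
#!/bin/sh
# Added example (not from the original thread). Reports the global values of
# the two sshd_config keywords the answers edit. sshd keeps the FIRST value it
# reads for a keyword, and keywords are case-insensitive.
# Simplifications: Include files are not followed; Match blocks are skipped.

# Usage: sshd_effective KEYWORD FILE DEFAULT -> prints the effective value
sshd_effective() {
    awk -v key="$1" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || NF == 0 { next }        # comment or blank line
        { sub(/[ \t]*=[ \t]*/, " ") }         # "Keyword=value" form
        tolower($1) == "match" { exit }       # global section ends here
        tolower($1) == key && !found { val = tolower($2); found = 1 }
        END { print (found ? val : def) }
    ' "$2"
}

# Prints one line per finding; returns 1 if anything was flagged.
audit_sshd_config() {
    rc=0
    # Defaults assumed from current OpenSSH: prohibit-password / yes.
    root=$(sshd_effective PermitRootLogin "$1" prohibit-password)
    pass=$(sshd_effective PasswordAuthentication "$1" yes)
    [ "$root" = yes ] && { echo "FINDING: PermitRootLogin yes"; rc=1; }
    [ "$pass" = yes ] && { echo "FINDING: PasswordAuthentication yes"; rc=1; }
    [ "$root" = yes ] && [ "$pass" = yes ] &&
        echo "FINDING: root can log in over SSH with only a password"
    return $rc
}

# Constructed sample inputs: a key-only config, and the same file after the
# edits described in the answers (root login on, password line commented out).
demo_dir=$(mktemp -d)
printf '%s\n' 'PermitRootLogin prohibit-password' 'PasswordAuthentication no' \
    > "$demo_dir/before"
printf '%s\n' 'PermitRootLogin yes' '#PasswordAuthentication no' \
    > "$demo_dir/after"

for f in before after; do
    echo "== $f"
    audit_sshd_config "$demo_dir/$f" || true
done
```

Commenting out `PasswordAuthentication no` is flagged because the built-in default then applies. On a live host, `sshd -T` prints the configuration sshd actually uses, including defaults and Include files.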
