I’m trying to create an AMI image using Amazon Linux distro with a custom user/pass.
What I did (manually):
- Launch an Amazon instance using Amazon Linux AMI
- login with user
ec2-user
- Create a new user, for example
admin
- Change password for user
admin
- Add user
admin
to wheel group:usermod -aG wheel admin
- Add user
admin
to sudoers file:sudo echo "admin ALL=NOPASSWD:ALL " > /etc/sudoers.d/admin
- Permit ssh user/pass login in
/etc/sshd/sshd_config
(PermitRootLogin yes )
- restart ssh service:
/etc/init.d/ssh restart
- When I try to login with user
admin
– success. But when creating a new AMI image and launch a new instance from the newly created AMI, logging via useradmin
orec2-user
–Permission denied (publickey).
What am I missing?
Advertisement
Answer
The issue is that the EC2 service is not aware of your changes when you are launching the instance with the AMI you created. I found a solution for that problem using Cloud-Init which is built-in on Amazon Linux and other official AMIs as well, the complete tutorial can be found here: https://emagalha.es/blog/2018/01/21/customizing-the-default-user-of-an-ubuntu-ami/
In short, here is what you need to do:
- Launch an instance with the Amazon Linux AMI placing the following lines in the user data field:
#cloud-config system_info: default_user: name: admin
Connect to the instance using the admin user and create a file at
/etc/cloud/cloud.cfg.d/defaults.cfg
with the same contents of the user data file you used to launch the instance.Shut down the instance and create the AMI
Enjoy!
You can also update the /etc/cloud/cloud.cfg.d/00_defaults.cfg
inside the instance with the new username instead of creating a new file. I just like creating a new file to make the change more transparent, in any case, the choice is yours.