I’m trying to create an AMI image using Amazon Linux distro with a custom user/pass.
What I did (manually):
- Launch an Amazon instance using Amazon Linux AMI
- login with user
ec2-user - Create a new user, for example
admin - Change password for user
admin - Add user
adminto wheel group:usermod -aG wheel admin - Add user
adminto sudoers file:sudo echo "admin ALL=NOPASSWD:ALL " > /etc/sudoers.d/admin - Permit ssh user/pass login in
/etc/sshd/sshd_config(PermitRootLogin yes ) - restart ssh service:
/etc/init.d/ssh restart - When I try to login with user
admin– success. But when creating a new AMI image and launch a new instance from the newly created AMI, logging via useradminorec2-user–Permission denied (publickey).
What am I missing?
Advertisement
Answer
The issue is that the EC2 service is not aware of your changes when you are launching the instance with the AMI you created. I found a solution for that problem using Cloud-Init which is built-in on Amazon Linux and other official AMIs as well, the complete tutorial can be found here: https://emagalha.es/blog/2018/01/21/customizing-the-default-user-of-an-ubuntu-ami/
In short, here is what you need to do:
- Launch an instance with the Amazon Linux AMI placing the following lines in the user data field:
#cloud-config
system_info:
default_user:
name: admin
Connect to the instance using the admin user and create a file at
/etc/cloud/cloud.cfg.d/defaults.cfgwith the same contents of the user data file you used to launch the instance.Shut down the instance and create the AMI
Enjoy!
You can also update the /etc/cloud/cloud.cfg.d/00_defaults.cfg inside the instance with the new username instead of creating a new file. I just like creating a new file to make the change more transparent, in any case, the choice is yours.