How to access SSH of AWS EC2 Instance without keypair/pem file - amazon-ec2

My client had installed AWS Marketplace Bitnami WordPress and he do not have any .pem file & credentials associated with that EC2 instance. We need to change something in wp-config.php & .htaccess file. Now we are not able to do this.
I googled but not found anything fruitful.

Hey not sure if this helps because you need to have the .pem file to be able to use this technique and it is not best practice but, you can set a password for root/user to ssh into that server. This is an example of how to ssh into root user:
1) Login into your instance with the .pem file
2) Update
3) sudo su
4) cd / (just incase)
5) Edit, vim /etc/ssh/sshd_config and edit or do the equivilent of uncommenting these lines:
Port 22
PasswordAuthentication yes
PermitRootLogin yes
6) Restart sshd service, service sshd restart or systemctl restart sshd or equivilent
7) Set password, passwd
8) Log out and log back in without .pem file ssh root#12.345.67.890

run sudo vi /etc/ssh/sshd_config look for "PasswordAuthentication No" and change it to "PasswordAuthentication Yes" then save the file and exit :wq
restart ssh with "sudo service sshd restart", logout & then connect to test if all is well.

Sorry, I am posting an answer to my own question. As after 1-week discussion with AWS support they share an option to me where I can use my client's EC2 instance (that is not associated with any keypair/.pem file). They reset my setting and shared lines of code that I need to add in textarea under "View/Change User Data".
And this lines of code had user:password string. With those credentials, I connected to SSH and completed my job... :)
Sorry for security reason I can not share the lines of code. But I answered my because I am sure this answer will help someone in future. Actually needy will get a hint from my answer (i.e. "View/Change User Data") and he/she can directly contact AWS Support.

In looking at Get Started with Bitnami Applications in the AWS Marketplace, it appears that a keypair needs to be selected when launching the instance.
The article No Keypair for Bitnami Wordpress Instance - WordPress - Bitnami Community suggests that you could use a plugin file manager to get a key onto the instance, but it is probably easier to launch a new instance and migrate the WordPress configuration across.

Related

How to spin up spinnaker locally for the first time

How to spin up a local version of Spinnaker? This has been answered and addressed in detail here.
https://github.com/spinnaker/spinnaker/issues/1729
Ok, so I got it to work, but not without you valuable help! #lwander
So I'll leave the steps here for posterity.
Each line is a separate command in the command line, I've installed this on a virtual machine with a freshly installed Ubuntu 14.04 copy with nothing else than SSH. Then SSH as root, You will need to configure sshd on your console to allow root access.
https://askubuntu.com/questions/469143/how-to-enable-ssh-root-access-on-ubuntu-14-04
> curl -O https://raw.githubusercontent.com/spinnaker/halyard/master/install/stable/InstallHalyard.sh
created a user account member of the adm and sudo groups (is this necessary???)
then Install Halyard:
bash InstallHalyard.sh
Verify that HAL is installed and validate its version.
hal -v
Tell Hal that the deployment type will be as a local instance (this will publish all services in localhost which will be tricky later in order to access them, but I have a turnaround so keep reading)
hal config deploy edit --type localdebian
Hal will complain that a version has not been selected, just tell HAL which version:
hal config version edit --version 1.0.0
The tell HAL which storage you are going to use, in my case and since it is local I want to use redis.
hal config storage edit --type redis
So now we need to add a cloud provider to HAL, we use AWS so we add it like this:
hal config provider aws edit --access-key-idXXXXXXXXXXXXXXXXXXXX--secret-access-key
I created a user on AWS and added access keys to the user inside IAM on the user security credentials tab. Obviously my access-key-idis not XXXXXXXXXXXXXXXXXXXX, I edited it. You do not need to enter the secret-access-key because the command will prompt for it.
Then you need to create a username relative or that will only concern you spinnaker installation however this will get related to you AWS Account-ID, so in MY spinnaker local installation I chose the username spinnakermaster you should choose yours!. And my AWS Account ID is not YYYYYYYYYYYY, I've edited too.
All the configurations and steps that you'll need to do inside AWS for this to work are really well documented here:
[https://www.spinnaker.io/setup/providers/aws/](https://www.spinnaker.io/setup/providers/aws/
)
And to tell HAL of of the above here's the command:
hal config provider aws account add spinnakermaster --account-id YYYYYYYYYYYY --assume-role role/spinnakerManaged
And after all that and if everything went according to plan we can ask HAL to deploy our brand new spinnaker installation.
hal deploy apply
It will begin a long installation downloading and configuring all the services.
Once it has finished you may do whatever you like but in my case I created a monitoring script like the one described here:
https://github.com/spinnaker/spinnaker/issues/854
Which can be launched on a recursive manner as this:
watch -n1 spinnaker-status.shor until toctrl+Cit!.
then to be able to access your local VM spinnaker copy you can either setup a reverse proxy with the proxy server of your choice to forward all the requests to localhost or you can simply ssh the SH** out of this redirecting the ports;
ssh root#ZZZ.ZZZ.ZZZ.ZZZ -L 9000:127.0.0.1:9000 -L 8084:127.0.0.1:8084 -L 8083:127.0.0.1:8083 -L 7002:127.0.0.1:7002 -L 8087:127.0.0.1:8087 -L 8080:127.0.0.1:8080 -L 8088:127.0.0.1:8088 -L 8089:127.0.0.1:8089
Where obviously theZZZ.ZZZ.ZZZ.ZZZ is not an actual IP Address.
And finally to begin having fun with this cutie you have to go to your browser of choice and type into the address bar:
http://127.0.0.0:9000
Hope this helps and saves some time to everybody!.
Cheers.
EN

ProFTPD can't connect after install

Installed Webmin successfully on a Debian system.
Created a virtual server, added some users and a domain.
Installed ProFTPD via Webmin's unused modules.
Added a new user with same named group via System -> Users and Groups.
Tried to connect via ftp using my server's external ip and my new user's credentials.
This should work according to most tutorials but it doesn't.
I'm suspecting some other service handles FTP requests before ProFTPD.
Is there a way to monitor protocol handlers? Could it be something else?
Thanks in advance.
because webmin try start it as deamon, but maybe (like me on archlinux) you need to start it as system service... on root:
systemctl start proftpd.service
If you want to look at the logs error (if there is errors, but if server is not start, it should ne have error...) then use:
journalctl -xe command (as root), or
systemctl --failed , or
systemctl status proftpd.service (all of these commands under root user or sudoers users).
So first of all, check that service is running:
systemctl status
then check the config file of webmin service for proftpd use the correct protocol for call service (systemd for example), and then use correct sentence code for start/stop it. Check also it goes to look at the correct config file of proftpd current install place (depend of your distribution or the way you install it).
proftpd is not installed by webmin, proftpd is installed, then from webmin, you install a module who has to communicate with allready installed application proftpd. If this module is well configured for point on actual proftpd installation and correct call of service, then all will have to works.
(please, if this answer help you, do up vote for my answer, without notation when i help, i can not help more because i'm locked by the system, hope you understand)
Have a look at the server's log, check le ProFTP daemon status, check the firewall

FreeNX(nomachine) unable to connect after cloning of a working ubuntu EC2 instance

I have previously setup a EC2 instance on Ubuntu 10.04 and setup the necessary binaries to allow ssh and more importantly FreeNX(no machine) to work on my MacOS-10.6 machine.
As this was done on a micro instance, i was keen to try it on small instance today so i created a AMI image from the aws management console(browser) and launch a new small instance using the image with the exact same keypair and security setting.
Expecting the instance to work exactly the same(except much faster) i tried to connect to it using SSH and FreeNX again.
Result:
SSH is working fine and my env look exactly the same.
NX is unable to connect.
it complain username/password is incorrect.
I wonder why this is happen since i did an exact clone of the EC2 instance and i can connect fine using NX with the previous instance?
I had the same issue, and after a lot of searching fixed it. It seems freenx lost the usernames and passwords. I fixed it by doing the following:
log in with putty as ubuntu user then
cd /etc/nxserver
sudo vim node.conf
set ENABLE_PASSDB_AUTHENTICATION="1" and save the file
then
sudo nxserver --adduser xxxxxx
sudo nxserver --passwd yyyyyy
sudo nxserver --restart
after that I was able to log in using nomachine with the username and password I just set.

Help Accessing Amazon EC2 Instance

Trying to set up first EC2 instance for simple (currently) php app, using osx 10.6. When i try to access my new instance in the command line i can only get ssh: connect to host xx.xxx.xxx.xxx port 22: Operation timed out.
i'm typing this at command line:
ssh -i <MYPEMNAME>.pem ec2-user#<PRIVATEIP/PUBLICDNS/ELASTICIP>
i have this as a security rule in the management console:
rule name: web_access
22(SSH) 0.0.0.0
80(HTTP) 0.0.0.0
i have ssh completely open just to test this, i'll get a more appropriate ip when it works.
i created an elastic IP, which was one option i tried after 'ec2-user#...'
i also generated a .pem when i created the instance which i have saved to a folder .ec2 on my machine, named as referenced in .pem above.
the management console says the instance is running. i think im just doing the ssh access wrong at this point.
any help tremendously appreciated!
thanks
Yeah, comments were pretty correct. It was an ssh issue and the main thing was that i was trying to add a custom security rule that allowed ssh but the default didn't. and for whatever reason the custom rule wasn't being applied so i just edited the default rule to allow port 22 (ssh) and I was pretty much up and running. Also needed to run chmod. !! Anddd, if you add a new keypair like I did, you may need to go into the ssh/known_hosts file and delete reference to your old keypair. that was hanging me up for a while with a an error out a middleman attack.
thanks

How to Connect to localhost with SSH(PuTTy)

I just figured how to connect to my webhost with PuTTy .
But how to I connect to my localhost? I put
Servername: localhost
port: 22 (I've tried 80 too)
And it gives me an error "failed to connect"
How do I connect?
If you are using Cygwin on your local host, you can connect to Cygwin's sshd (SSH Daemon).
3 easy commands to install the sshd as a service: (always there when you startup the machine)
$ ssh-host-config -y # enable sshd. "-y" answers yes to all queries.
$ cygrunsrv --start sshd # start it as an autostart Windows service
$ ssh localhost # try to recursively log in via ssh
Taken from: http://nfnaaron.posterous.com/tag/puttycyg#Section2
(The second approach)
=> You get the entire ssh infrastructure: public key authentication, ssh-agent, etc...
Ensure that you have running a SSH server (such as openssh-server) running on localhost and not just a web server (such as apache). Also ensure, that localhost is really mapping to 127.0.0.0/8
The solution in the answer above won't work unless you have installed Cygwin with the OpenSSH package selected - you have to do this manually during the installation process (see option a below).
Depending on the intended purpose of your connection you can try one of the options below, option (b) being much easier to install but lacking the *nix shell capabilities.
a. You can install a Cygwin shell with ssh server, this site (http://ist.uwaterloo.ca/~kscully/CygwinSSHD_W2K3.html) has instructions for Windows Server but they work for other Windows too with may be some of the questions shown in the output on the page not appearing on non-server version of Windows. Also, where it says in the instructions to issue the command:
mount -s --change-cygdrive-prefix /
delete the -s option so that the command is
mount --change-cygdrive-prefix /
(at least this was the case for me on Windows 7).
b. PuTTy site suggests WinSSHD (http://www.bitvise.com/winsshd-download). It's an easy self-installer. Once it's up you have to click onthe StartSSHD link about 1/3rd of the screen down on the first page of the config window. Then you can connect your PuTTy to localhost. However, in my experience, it didn't provide any *nix command support, only the native Windows ones and I couldn't find anything in their user guide on this.
Hope this helps.
Just adding this answer in case anyone is still looking for a solution.
In your hostname (or IP address) section, enter localhost or 127.0.0.1
Leave the port to its default value 22
Click on open
Now a login shell will popup -
Log in as your username, your username is basically what you get when you type whoami in your Terminal.
In the password section, type the password that you use as your system's password.
The above steps should connect localhost with ssh(PuTTY)

Resources