Lost EC2 ssh login after removing zsh - amazon-ec2

I had zsh installed on one of my EC2 instances. I didn't like it much, so I removed it.
$ sudo apt-get remove zsh
$ exit
Then I exited from my instance. Now I'm not able to log back in; I get the error Permission denied (publickey).
There is no other user with whom I can log in. I checked several similar questions for Ubuntu machines and found that we can fix this by logging into single user mode, but how do I do this on AWS EC2?
I think I missed the part sudo chsh -s /bin/bash <username>.
How do I get back ssh login? I have a Basic support plan on AWS which does not have Technical Support.

I would suggest you do the following:
Stop your instance
Detach the volume
Create new instance
Attach the volume from your problematic instance to the new instance
Mount it on /mnt/something or wherever you want so that you can have access to it
Manually fix the shell for the user you're trying to log in as. Once you're done, detach the volume from instance #2 and attach it to your main instance.
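One way to carry out the "manually fix the shell" step once the volume is mounted, as an added example that is not part of the original answer. It assumes the volume's root filesystem is mounted at a path such as /mnt/rescue; the function names are this example's own and the sample tree is constructed.

```bash
#!/usr/bin/env bash
# Added example. ROOT is where the broken instance's volume is mounted
# on the rescue instance (e.g. /mnt/rescue, an assumed path).

# True if the shell path exists on the mounted volume. A symlink counts as
# present: absolute links would otherwise resolve against the rescue host.
shell_present() { [ -e "$1$2" ] || [ -L "$1$2" ]; }

# Print every account whose login shell is missing from the volume.
list_broken_shells() {
    local root=$1 line shell
    while IFS= read -r line || [ -n "$line" ]; do
        shell=${line##*:}                      # 7th (last) passwd field
        [ -z "$shell" ] || shell_present "$root" "$shell" \
            || printf '%s\n' "${line%%:*}"
    done < "$root/etc/passwd"
}

# Point those accounts at NEW_SHELL (default /bin/bash), keeping a backup.
fix_broken_shells() {
    local root=$1 new_shell=${2:-/bin/bash} passwd=$1/etc/passwd line shell
    shell_present "$root" "$new_shell" \
        || { echo "no $new_shell on volume" >&2; return 1; }
    cp -p "$passwd" "$passwd.bak" || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        shell=${line##*:}
        if [ -n "$shell" ] && ! shell_present "$root" "$shell"; then
            line="${line%:*}:$new_shell"       # replace only the shell field
        fi
        printf '%s\n' "$line"
    done < "$passwd.bak" > "$passwd"
}

# Constructed sample volume: ubuntu's shell (zsh) was removed from it.
make_sample_root() {
    local r; r=$(mktemp -d)
    mkdir -p "$r/etc" "$r/bin" "$r/usr/sbin"
    : > "$r/bin/bash"; : > "$r/usr/sbin/nologin"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin' \
        'ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/usr/bin/zsh' > "$r/etc/passwd"
    printf '%s\n' "$r"
}

sample=$(make_sample_root)
list_broken_shells "$sample"
fix_broken_shells "$sample" && grep '^ubuntu:' "$sample/etc/passwd"
```

On the rescue instance, run the two functions as root against the real mount point instead of the sample tree; the original file is kept as etc/passwd.bak on the volume.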

Related

unable to invoke DOCKER using JENKINS user

I am trying to run a docker command as part of a jenkins job using shell. I get a standard error stating
"Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json: dial unix /var/run/docker.sock: connect: permission denied"
I will require some help on
1. how to find the path where docker is installed which can be added to JENKINS global configuration
2. workaround to fix this permission issue (running as a sudo user/any other specific user)
I have already experimented by adding the JENKINS users to admin group, staff group, made administrator. But, nothing has actually helped. I still get the standard error
Tried the below code on terminal too
sudo -u jenkins docker images
OUTPUT:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/images/json: dial unix /var/run/docker.sock: connect: permission denied
I am expecting to run this code without the error. Only then my jenkins pipeline will be complete.
To find the path where docker is installed, simply run a which docker. Usually, it'll be installed somewhere in the standard PATH already, so probably Jenkins will already have access. As you get the permission denied error message, it looks like Jenkins is already using the correct docker executable.
Depending on the distribution or operating system you are using, you will most likely need to add the jenkins user to a docker group, e.g. sudo usermod -aG docker jenkins. To find out which group you need, run:
$ ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 Apr 30 16:20 /var/run/docker.sock
In the second line, you see the group that docker.sock is owned by. Add the jenkins user to that group.

EC2 user-data not starting my application

I am using user-data of ec2 instance to power up my auto scale instances and run the application. I am running node js application.
But it is not working properly. I have debugged and checked the instance cloud monitor output. So it says
pm2 command not found
After reading and investigating a lot I have found that the path for the command as root is not there.
When EC2 user-data runs, it finds the path
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
After ssh as ec2-user it is
/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/ec2-user/.local/bin:/home/ec2-user/bin
After ssh as sudo su it is
/root/.nvm/versions/node/v10.15.3/bin:/sbin:/bin:/usr/sbin:/usr/bin
It works only for the last path.
So what is the way or script to run the command as root during launch of the instance provided by user-data?
Starting your application with user data is not recommended, though, because as per the AWS documentation they do not assure that the instance will only come up after successful execution of user data. Even if user data fails, it will spin up your instance.
For your problem, I assume that if you give the complete absolute path of the binary, it will work.
/root/.nvm/versions/node/v10.15.3/bin/pm2
A better solution for this approach: create a service file for your application startup and start the application with systemd or service.

How to access SSH of AWS EC2 Instance without keypair/pem file

My client had installed AWS Marketplace Bitnami WordPress and he does not have any .pem file or credentials associated with that EC2 instance. We need to change something in the wp-config.php and .htaccess files. Now we are not able to do this.
I googled but did not find anything fruitful.
Hey not sure if this helps because you need to have the .pem file to be able to use this technique and it is not best practice but, you can set a password for root/user to ssh into that server. This is an example of how to ssh into root user:
1) Login into your instance with the .pem file
2) Update
3) sudo su
4) cd / (just in case)
5) Edit, vim /etc/ssh/sshd_config and edit or do the equivalent of uncommenting these lines:
Port 22
PasswordAuthentication yes
PermitRootLogin yes
6) Restart sshd service, service sshd restart or systemctl restart sshd or equivalent
7) Set password, passwd
8) Log out and log back in without the .pem file: ssh root@12.345.67.890
Run sudo vi /etc/ssh/sshd_config, look for "PasswordAuthentication No" and change it to "PasswordAuthentication Yes", then save the file and exit (:wq).
Restart ssh with "sudo service sshd restart", log out and then connect to test if all is well.
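A check for the two settings these answers change, as an added example that is not part of the original answers: it reports whether a given sshd_config leaves password logins or root password login enabled. It reads only the global section of one file (Include files and Match blocks are not evaluated); the function names are this example's own and the sample file is constructed.

```bash
#!/usr/bin/env bash
# Added example. Reads only the global section of one sshd_config file:
# Include files are not followed and Match blocks are skipped.

# Print the value sshd would use for KEYWORD: the first occurrence wins and
# keywords are case-insensitive. Falls back to DEFAULT when it is not set.
sshd_setting() {   # $1 = keyword, $2 = config file, $3 = default
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" -v dflt="$3" '
        /^[ \t]*(#|$)/ { next }                  # comment or blank line
        {
            line = $0; sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)
            key = tolower(f[1])
            if (key == "match") exit             # conditional section starts
            if (key == want) { print f[2]; found = 1; exit }
        }
        END { if (!found) print dflt }' "$2"
}

# Print one line per weak setting; return 1 if any was found.
audit_sshd() {
    local cfg=$1 rc=0 v
    v=$(sshd_setting PasswordAuthentication "$cfg" yes)   # upstream default
    [ "$v" = no ] || { echo "WEAK PasswordAuthentication=$v"; rc=1; }
    v=$(sshd_setting PermitRootLogin "$cfg" prohibit-password)
    case $v in
        no|prohibit-password|forced-commands-only) ;;
        *) echo "WEAK PermitRootLogin=$v"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample: the three lines from the steps above, followed by a
# later "no" that has no effect because the first occurrence wins.
sample_cfg() {
    local f; f=$(mktemp)
    printf '%s\n' '# constructed sample' 'Port 22' \
        'PasswordAuthentication yes' 'PermitRootLogin yes' \
        'PasswordAuthentication no' > "$f"
    printf '%s\n' "$f"
}

audit_sshd "$(sample_cfg)" || true
```

On a live host, sshd -T (run as root) prints the effective configuration with Include files and defaults resolved, which is the authoritative source for the same two keywords.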
Sorry, I am posting an answer to my own question. After a 1-week discussion with AWS support, they shared an option with me by which I can use my client's EC2 instance (that is not associated with any keypair/.pem file). They reset my setting and shared lines of code that I need to add in the textarea under "View/Change User Data".
These lines of code had a user:password string. With those credentials, I connected to SSH and completed my job... :)
Sorry, for security reasons I cannot share the lines of code. But I answered my own question because I am sure this answer will help someone in the future. Anyone in need will get a hint from my answer (i.e. "View/Change User Data") and can contact AWS Support directly.
In looking at Get Started with Bitnami Applications in the AWS Marketplace, it appears that a keypair needs to be selected when launching the instance.
The article No Keypair for Bitnami Wordpress Instance - WordPress - Bitnami Community suggests that you could use a plugin file manager to get a key onto the instance, but it is probably easier to launch a new instance and migrate the WordPress configuration across.

Using Jenkins to SSH into EC2 Ubuntu instance and run shell scripts

I have installed Jenkins on my local machine and created my own EC2 instance. I can ssh into my instance and run some shell scripts to shut down the Wildfly server installed on my instance.
This is what I do when I do it manually on my Mac.
I open my Mac terminal and type
ssh -i /Users/xxx/tools/xxxx.pem ubuntu@10.206.xxx.xx
It will login to my Instance, and then I type:
cd /srv/wildfly-10.1.0.Final/bin
sudo -s
source /etc/profile
./jboss-cli.sh --connect command=:shutdown
The screen will output
{"outcome" => "success"}
Now I want to use Jenkins so that, when I click the build button, it will ssh into that instance and run these shell scripts for me. The output is expected to be the same as when I run it after I ssh into the instance.
My question is: what steps should I follow, after I login to my Jenkins local environment: localhost:8080
Create a New Item, which one? Is there some plugin I can use? Where to put my shell scripts, will it run successfully?
A guide would be helpful, thanks a lot!
Addition:
When I try to log in using my ssh command, I get this error:
Pseudo-terminal will not be allocated because stdin is not a terminal.
Host key verification failed.
Too many questions to answer in one post, but this should get you started.
SSH from Jenkins to your EC2 should be passwordless. Should you need to set the keys in Jenkins, use the credential manager and create one by pasting the private key:
https://www.cloudbees.com/blog/using-ssh-jenkins
Refer to remote command execution over ssh for the rest of the task.
You will find tons on how to do this, but this should give you an idea: https://www.cyberciti.biz/faq/unix-linux-execute-command-using-ssh/
For the question on job type, at this point just go with the freestyle. Later, you may plan for fancy stuff.
You need to add the PEM file details in the place where it asks for the Private Key.

FreeNX(nomachine) unable to connect after cloning of a working ubuntu EC2 instance

I previously set up an EC2 instance on Ubuntu 10.04 and set up the necessary binaries to allow ssh and, more importantly, FreeNX (nomachine) to work with my MacOS-10.6 machine.
As this was done on a micro instance, I was keen to try it on a small instance today, so I created an AMI image from the AWS management console (browser) and launched a new small instance using the image with the exact same keypair and security settings.
Expecting the instance to work exactly the same (except much faster), I tried to connect to it using SSH and FreeNX again.
Result:
SSH is working fine and my env looks exactly the same.
NX is unable to connect.
It complains that the username/password is incorrect.
I wonder why this is happening, since I did an exact clone of the EC2 instance and I can connect fine using NX with the previous instance?
I had the same issue, and after a lot of searching fixed it. It seems freenx lost the usernames and passwords. I fixed it by doing the following:
log in with putty as ubuntu user then
cd /etc/nxserver
sudo vim node.conf
set ENABLE_PASSDB_AUTHENTICATION="1" and save the file
then
sudo nxserver --adduser xxxxxx
sudo nxserver --passwd yyyyyy
sudo nxserver --restart
after that I was able to log in using nomachine with the username and password I just set.
