Image from Wallhaven
Servers on AWS provide certain levels of security for users. That’s great. But too many security concerns may cause your daily operations less convenient. A good example is that you need to provide the correct key file (a file with a .pem suffix) whenever you connect to an AWS EC2 instance using SSH. For example, if I would like to access my EC2 instance on AWS, I have to save the key file on my laptop and connect it as follows (assume that the 2.0.7.7 is the IP address):
ssh -i myserver.pem ec2-user@2.0.7.7
In a production environment, this level of security is definitely necessary. But if you just wanna try a testing server or a personal server for learning, it’s not convenient enough. How about you are using another laptop that doesn’t save the myserver.pem file? Not to mention that you can’t use the root user to connect the AWS instance directly through this way.
The good news is that Linux, which is different from Windows, gives you as much freedom as you like. Of course, there is a method to make your life easier if security is not a big issue.
All you need are just 4 steps.
0. Connect to your EC2 instance using the key file
We have to access the server this way again to make changes. But believe me, this is the last time you need to provide the .pem file.
ssh -i myserver.pem ec2-user@2.0.7.7
1. Change the configuration of SSH
This is the core step.
The configuration of SSH relative stuff is under this path: “/etc/ssh/”. We need to change the file named sshd_config.
vi /etc/ssh/sshd_config
What we need to change are two things:
- Uncomment the
PermitRootLogin yesto enable logins through the root user.
- Uncomment the
PasswordAuthentication yesand comment out thePasswordAuthentication no
- Of course, don’t forget to save the file you just changed.
2. Restart the service
Now, you finished the changes of the configuration file. Just restart the service:
sudo service sshd restart
3. Change the password of the root user
Last but not least, we need to give the root user a new password so then we can use it to log in. We can input the following command:
sudo passwd root
And then just follow the instructions on the terminal to change the password. Everything is done now. To have a try, exit the current session and connect to the server again as follows:
ssh root@2.0.7.7
Now, no key file is needed, all you need to do is inputting the password of the root user. No matter which laptop you are using, and no matter whether it saves the key file or not, you can just use it to connect your AWS server through the root user directly. (As long as you remember the password of the root user. 😄) Note: This method, as I said at the beginning, is not as secure as the key-pair way. AWS won’t make our lives harder intently. For production servers, you shouldn’t change them like the above.