Amazon cloud AWS EC2 server, use the root superuser to log in

How to log in to Amazon Cloud using root account SSH

The default is to use-User account login, there is no permission for many folders. Need to change to root super administrator login.

Note: before creating When using the operating system, you need to create a key pair firstFor remote control, the "private key file format" system defaults to ".PPK" when creating, useFor connection, do not change here. If you choose the commonly used ".pem" format, you need to use 7 Make the connection.

AWS Amazon Cloud Red Hat 9 WEB server builds LNMP-1

Step 1: Use the ssh tool to remotely log in to the Amazon cloud server

Using the tool, SSH connection, select Public Key for the method, fill in -user for the account, and select the user key beforeKey file downloaded from . There is no need to fill in the password for the key.

Log in as root superuser on Amazon AWS EC2

Log in as root superuser on Amazon AWS EC2

Step 2: Create root password

Enter the following command:

sudo passwd root

Enter a password for your root, and then you will be prompted to enter a new password. You need to enter it again for verification.

Log in as root superuser on Amazon AWS EC2

Step 3: Switch to root identity

Next, switch to the root identity and enter the following command:

su root

Step 4: Modify SSH configuration file

Edit as rootSSH login method, modify the SSH location file.

vi /etc/ssh/sshd_config

Port 22 The remote SSH port is 22 by default. No need to change it. If you want to use other ports, cancel the # comment and fill in the port number. At the same time, pay attention to whether your firewall has enabled the port. Firewalls include system firewalls, firewalls on the , and SELinux.

PermitRootLogin If it is no or marked with # number, it needs to be changed to PermitRootLogin yes

PasswordAuthentication no changed to PasswordAuthentication yes

Change UsePAM yes to UsePAM no

After modification, esc exits the editing mode, and after :wq is saved, the SELinux service needs to be closed.

Step 5: Add ec2-user login password

After logging in using ec2-user, switch to the root super management user, and then set the login password of ec2-user.

Log in as root superuser on Amazon AWS EC2

Restart the after setting is complete.

If is not possible, please check whether SELinux is turned off.

How to turn off SELinux

Security Enhanced (SELinux) is a Linux kernel feature that provides a security policy protection mechanism that supports access control.

Verify SELinux status

Remotely connect to the EC2 instance with root privileges.
Run the getenforce command to verify the SELinux status. The return status should be enforcing or permissive, and the current status is enforcing. Run the sestatus command to obtain more SELinux information.

Log in as root superuser on Amazon AWS EC2

The parameter information SELinux status is displayed as enabled, indicating that SELinux has been started.

Turn off SELinux

Remotely connect to the ECS instance with root privileges. For connection methods, see Connection Method Overview.
Run the command getenforce to verify the SELinux status.

If the return status is enforcing, it indicates that SELinux is turned on.
Choose to temporarily disable or permanently disable SELinux.

Execute the command setenforce 0 to temporarily shut down SELinux.

Shut down SElinux permanently. Run the following command to edit the SELinux config file.

vi /etc/selinux/config

Find SELINUX=enforcing, press i to enter edit mode, and change the parameters to SELINUX=disabled.

Log in as root superuser on Amazon AWS EC2

After the modification is completed, press the Esc key on the keyboard, execute the command: wq, save and exit the file.
reboot Restart the ECS instance.

After restarting, run the getenforce command to verify that the SELinux status is disabled, indicating that SELinux is turned off.

Red Hat 9 Firewall

The system firewall of is closed by default. If you want to open ports, you need to set open ports in the AWS cloud platform, or set up a transparent firewall and open all ports!


Leave a Reply

Your email address will not be published. Required fields are marked *