How to log in to Amazon Cloud using root account SSH
By default, AWS EC2 uses the ec2-user account for login, and this account has no permission for many folders. You need to change to logging in as the root super administrator.
Note: before creating the Linux Red Hat 9 operating system, you need to create a key pair first for SSH remote control. When creating it, the "private key file format" defaults to ".PPK", which is used with PuTTY for SSH connections; do not change it here. If you choose the commonly used ".pem" format, you need to use Xshell 7 to make the connection.
Step 1: Use the ssh tool to remotely log in to the Amazon cloud server
Using the Xshell tool, create the Amazon cloud SSH connection: select Public Key for the method, fill in ec2-user for the account, and for the user key select the key file previously downloaded from AWS. There is no need to fill in the password for the key.
Step 2: Create root password
Enter the following command:
sudo passwd root
You will be prompted to enter a new password for root, and then to enter it again for verification.
Step 3: Switch to root identity
Next, switch to the root identity and enter the following command:
su root
Step 4: Modify SSH configuration file
As root, change the SSH login method of the Amazon cloud host by modifying the SSH configuration file.
vi /etc/ssh/sshd_config
Port 22: the remote SSH port is 22 by default. No need to change it. If you want to use another port, remove the # comment and fill in the port number. At the same time, check whether your firewall has opened the port. Firewalls include the system firewall, the firewall on the AWS Amazon cloud platform, and SELinux.
PermitRootLogin: if it is set to no or commented out with #, change it to PermitRootLogin yes
Change PasswordAuthentication no to PasswordAuthentication yes
Change UsePAM yes to UsePAM no
After modification, press Esc to exit editing mode and save with :wq. The SELinux service then needs to be closed.
Step 5: Add ec2-user login password
After logging in as ec2-user, switch to the root super administrator user, and then set the login password of ec2-user.
Restart the server after the setting is complete.
If ssh remote login is not possible, please check whether SELinux is turned off.
How to turn off SELinux
Security Enhanced Linux (SELinux) is a Linux kernel feature that provides a security policy protection mechanism that supports access control.
Verify SELinux status
Remotely connect to the EC2 instance with root privileges.
Run the getenforce command to verify the SELinux status. The return status should be enforcing or permissive, and the current status is enforcing. Run the sestatus command to obtain more SELinux information.
If the SELinux status parameter is displayed as enabled, SELinux has been started.
Turn off SELinux
Remotely connect to the ECS instance with root privileges. For connection methods, see Connection Method Overview.
Run the command getenforce to verify the SELinux status.
If the return status is enforcing, it indicates that SELinux is turned on.
Choose to temporarily disable or permanently disable SELinux.
Execute the command setenforce 0 to temporarily shut down SELinux.
Shut down SELinux permanently. Run the following command to edit the SELinux config file.
vi /etc/selinux/config
Find SELINUX=enforcing, press i to enter edit mode, and change the parameters to SELINUX=disabled.
After the modification is completed, press the Esc key on the keyboard, execute the command :wq to save and exit the file.
Run reboot to restart the ECS instance.
After restarting, run the getenforce command to verify that the SELinux status is disabled, indicating that SELinux is turned off.
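To confirm what the Step 4 edits and the SELinux change above leave in effect, the following script reads the two configuration files and reports the value sshd would use for each keyword the page touches. It is an added example, not part of the original page; the function names (effective_value, selinux_mode, report) and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): report the settings changed in
# Step 4 and in the SELinux section, as read from the files on disk.

# effective_value FILE KEYWORD
# Prints the value of the first uncommented occurrence of KEYWORD in the global
# section of an sshd_config-style file, or "(default)" if it is not set.
# sshd keeps the first value it reads for a keyword; keywords are case-insensitive.
effective_value() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        tolower($1) == "match" { exit }         # global section ends at first Match
        tolower($1) == key { print tolower($2); found = 1; exit }
        END { if (!found) print "(default)" }
    ' "$1"
}

# selinux_mode FILE: prints the SELINUX= value (SELINUXTYPE= is not matched).
selinux_mode() {
    awk -F= '/^[ \t]*SELINUX=/ { gsub(/[ \t]/, "", $2); print $2; exit }' "$1"
}

# report SSHD_CONFIG SELINUX_CONFIG: one "name=value" line per setting.
report() {
    for k in Port PermitRootLogin PasswordAuthentication UsePAM; do
        printf '%s=%s\n' "$k" "$(effective_value "$1" "$k")"
    done
    printf 'SELINUX=%s\n' "$(selinux_mode "$2")"
}

# Constructed sample files representing a host after the edits described above.
demo_dir=$(mktemp -d)
cat > "$demo_dir/sshd_config" <<'EOF'
#Port 22
#PermitRootLogin prohibit-password
PermitRootLogin yes
PasswordAuthentication yes
PasswordAuthentication no
UsePAM no
Match User backup
    PasswordAuthentication no
EOF
printf '# constructed sample\nSELINUX=disabled\nSELINUXTYPE=targeted\n' > "$demo_dir/selinux_config"
report "$demo_dir/sshd_config" "$demo_dir/selinux_config"
```

On a live host, point report at /etc/ssh/sshd_config and /etc/selinux/config. The function does not follow Include directives; sshd -T prints the fully resolved configuration.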
Red Hat 9 Firewall
The system firewall of Red Hat 9 is closed by default. If you want to open ports, you need to set open ports in the AWS cloud platform, or set up a transparent firewall and open all ports!