I worked on setting up 2FA while doing ssh in EC2 instance. But after the setup instance is still not asking for 2FA code and directly logs my user i.e. ubuntu into the server.
I did following steps to setup 2FA:
Install Google Authenticator PAM module.
sudo apt install libpam-google-authenticator
Add auth required pam_google_authenticator.so to /etc/pam.d/sshd
Restart ssh sudo systemctl restart sshd.service
Update sshd_config with following:
ChallengeResponseAuthentication yes PasswordAuthentication no
Run command google-authenticator
Please help me resolve this issue. Thanks in advance.
I was facing this issue because of other configuration was enabled. PubKeyAuthentication was used instead of authenticator. I change it to PubKeyAuthentication no which resolved the issue.
Related
I am trying to authenticate as sudo in a linux Google Cloud VM. I know there are several similar questions, but none have solved my problem. Here's what I've tried:
Setting a password using sudo passwd, as in this answer.
Giving myself 'Compute Admin' permissions in IAM, and then running sudo passwd, as in this answer.
Running sudo invoke-rc.d procps start, as in this answer.
Running sudo passwd in the cloud shell terminal, successfully setting a password there, restarting and SSHing into my VM, and then trying to either set a password or authenticate as sudo
For all these, I am connecting using GCloud's SSH in browser. Every time, I just get prompted for the sudo password, and nothing I type in works. In case it matters, my google cloud account is associated with an institutional (university) google account.
I'm at a loss here. Any suggestions are much appreciated!
By default password based authentication and root login is disabled in GCP vms, so if you are trying to do password based ssh first you need to enable it follow this documentation for enabling password based access but it is not suggested to enable password based authentication as it makes your environment vulnerable. As you are saying your terminal is getting stuck have you checked the resource utilisations of cpu and memory.
i just tried to install oh-my-zsh on my notebook instance. it asked for the jupyter user's password, but i have no idea.
i'm also tagging with gcp-ai-platform-notebook as the support page says to do. thanks in advance for any help here!
I tried to install oh-my-zsh using “sudo -i" to login as root. It’s installed successfully. So, I would advise you to use “sudo -i” to login as root before installing oh-my-zsh.
You can change the password using the following
sudo passwd <username>
You will require sudo permissions. This can be done by adding Compute Admin role to the service account and restarting the VM
I'm following this tutorial to host a website with an apache server. The thing is that the last step tells my to do
service apache2 reload
But it asks me for a password. I don't remember inserting a password for this VM, just the .pem I used to log in.
Is there a default password? Or how can I solve this? Sorry if this is basic, but the most complex thing I've done with servers is with wamp and xamp
Thanks!
Based on the comments, the solution was to use sudo:
sudo service apache2 reload
I installed the cPanel & WHM: The Hosting Platform of Choice AMI on AWS last night on a ec2 instance.
It seems to have set it all up and I can get to the login pages of cPanel and WHM but can not log in.
I used the 1-click install and never entered, or was given a user/password combination.
Where can I find or set this information?
I can login through ssh from the aws portal and there is definitely a password set. I tried using
sudo mysql_secure_installation
to reset it but failed to login because I did not have a password. It is not blank.
I am not very familiar with doing things through SSH so please be specific on how to fix this if I need to do it through SSH.
Thank you so much for your help.
Any advice or suggestions about AWS is greatly appreciated.
I think there is an issues with the port/firewall setting. Please enable all cPanel require ports for your AWS and try to login cPanel/WHM.
Here are the all port lists which you need to enable for your server.
https://documentation.cpanel.net/pages/viewpage.action?pageId=7536715#HowtoConfigureYourFirewallforcPanel&WHM%27sServices-Ports
Amazon doesn't allow you to connect through the dashboard as root, you have to login as the user type. In this case, ec2-user. Logged in as this user doesn't allow you use the "passwd" command without the old password. However, you can authenticate as root, then use the passwd command to change the password without having to know the old one/default install. Here's how.
Log into SSH in as the ec2-user.
Run "sudo -i" to authenticate as root.
Once you're "root", you can reset the root password using "passwd".
Then login to WHM.
Looks like you've missed some step before
wget -N http://httpupdate.cpanel.net/latest
I've got the same issue and ended with deleting the instance and staring over.
The only setup guide that worked for me without any issues: https://5best.cloud/build-cpanel-cloud-hosting-amazon-aws-1/
I am trying to deploy a Django application on Google Compute Engine. I'm using a Debian 7 image and want to set up Django with Nginx, Gunicorn, virtualenv, supervisor and PostgreSQL. I have everything running fine on my development machine which is running Ubuntu 14.04 with Django installed and PostgreSQL as the backend.
I'm using the tutorial located at http://datacommunitydc.org/blog/2013/12/a-tutorial-for-deploying-a-django-application-that-uses-numpy-and-scipy-to-google-compute-engine-using-apache2-and-modwsgi/. I'm also using the tutorial located at http://michal.karzynski.pl/blog/2013/06/09/django-nginx-gunicorn-virtualenv-supervisor/ as it's specific to virtualenv and PostgreSQL which I'm using on my development machine. I've setup my GCE instance, instaled and updated aptitude. I've installed PostgreSQL however when I attempt to create a database user and a new database for the app I get an error and nothing is created.
Following the tutorial I've run:
$ sudo su - postgres
postgres#django:~$ createuser -P
Enter name of role to add: hello_django
Enter password for new role:
Enter it again:
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n
When it attempts to create the new user role I receive the following error:
createuser: could not connect to database postgres: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
When I run the shell script ls /etc/init.d it says that postgresql is running, but I still can't add the new role. Can someone tell me what I'm doing wrong?
Regards.
I wasn't able to reproduce the issue on my end, but it appears to be an issue with PostgreSQL and its dependencies. You can try removing all installed PostgreSQL components and dependencies and then reinstalling PostgreSQL:
sudo apt-get remove --purge postgresql-9.1*
sudo apt-get install postgresql-9.1
If it's still unable to connect to the database, the issue might be originating from your $PATH, in which case you'll need to point it to /usr/local/bin/psql.
I have just had the same problem.
This is most likely cause the postgres cluster has not been initialised yet.
And the reason that this didn't install automatically is because you have set up the locale of the box yet. This is something that has to be done on Amazon EC2 instances as well.
You need to run:
sudo apt-get install locales
And then:
sudo dpkg-reconfigure locales
I had to choose which locales I wanted to setup, I chose en_AU UTF-8.
After this I rebooted, then I could run this to initialise the cluster:
sudo pg_createcluster 9.1 main --start
This started the service and created the pg_hba.conf files etc.
I faced a similar problem a while back. It can resolved using a few simple steps:
As postgres user run : initdb --locale en_US.UTF-8 -E UTF8 -D 'var/lib/postgres/data'. Note depending on the distro postgres in the command can be pgsql. You can easily check if the directory exists with an ls command.
systemctl start postgresql (if you have systemd) or just a /etc/init.d/postgresql start should do. These commands must be rub as the superuser.
All this is from the ArchWiki.