Unable to SSH into my EC2 instance from a different computer - amazon-web-services

A little backstory, I have an AWS instance made with Bitnami that I set up on my Windows Machine back home. I am currently out of the country and have no way to access that machine at the moment. One month later, I visit the website getting a 500 error and (only my Macbook on me). I've tried to SSH into it from my Macbook and no luck. I get the error:
Username is not in the sudoers file. This incident will be reported.
I've also tried another way to SSH into my aws but then I just get
Permission denied (publickey).
I do have the public/private keys I made with me so I am not sure if I had to set up some additional permissions to SSH from a different computer. On top of that, I got an email stating that someone attempted to access remote hosts on the internet without authorization. If I visit my Public IP address of my instance, it goes straight to a spam page.
At this point, I am not sure if I am just missing something in my steps or have missed a step. If someone can help me, I would really appreciate it.
Is there some way to get my instance back up and running? If not, is there some way I can back up the wordpress files on that instance that's down and use it to create another one on my Macbook currently? Please let me know.

If you have the private key that your AWS instance has been installed with, place the key in ~/.ssh .
Then, run the following command to set the permissions of the key to read and write only to your user (it's a mandatory step):
chmod 600 ~/.ssh/keyname
Then, run the following command to connect to your instance:
ssh -i ~/.ssh/keyname user#instance_ip
And it should connect successfully.
If you're not sure which user to connect to and you have access to AWS EC2 Console, then look for that server, right-click it and choose "Connect" and it will usually show the correct user to use when connecting to it by SSH.

Related

Cannot connect via SSH to GCP Instance

Friends good night.
I have a server on Google Compute Engine, which I do not have access to via ssh and the old administrator did not leave access to it.
Is there any possibility to access this server either through SDK, GCP Console, etc.?
Thank you very much in advance.
If you or your team have an IAM account on the project with sufficient roles/permissions (Owner, ComputeAdmin), you can try the following:
Check this troubleshooting documentation in order to identify and solve your issue
Try to access the VM through the SerialPort.
I had mistakenly locked myself via these files /etc/hosts.allow and /etc/hosts.deny. It took me a day to get back access to the server and I hope below will help someone locked out of a GCP vm. It simply creates a script that runs when your VM is booting up. You can then have all commands to fix your issue run without direct access to the server. Below is how you can for example reset root password.
I am assuming that you have access to GCP console via browser, do below:-
Shutdown the server
Click on edit and scroll down to Custom metadata. Add a new item with key as startup-script and the value as below. Replace yournewpassword with the password you want to set for the root user:
#!/bin/sh
echo "yournewpassword:root" | chpasswd
Reboot your server and use your new password set above to ssh to your vm
Remove the meta and save your VM. You can reboot again.

How can I able to use PEM file in aws again?

Currently, I am facing an issue related to AWS. A project is already uploaded on AWS server and always connect to that Project by using PEM key of that particular project. But from last week I am not able to connect with the AWS server by using the PEM key. I got one solution for this, as by creating new instance i will be able to got my access on the project but this will make me lose of my whole data & database as a result. Is this occurred due to virus or any thing else? Got stuck over here badly. Any help will be appreciable.
I think the authorized_keys file has some incorrect entries. Let's remove the key from the file and add it again.
remove the host key
ssh-keygen -R [hostname]
ssh again
ssh -Tv ec2-user#example.com -i ~/mykey.pem
In order to use existing EBS volume with data in a new ec2, with a new ssh key:
Create a snapshot of the current instance's EBS, and create a volume.
Create a new instance with a new ssh key.
Stop the new instance and attached the previously created volume as the boot volume.
Start the new instance and you should be able to login with the new ssh key.
The log indicates that you do not have any networking issues. It is the ssh server on the instance that is rejecting your connection.
The first thing to confirm is that you are connecting to the correct Amazon EC2 instance. If an EC2 instance is stopped and started again, it might change public IP address (depending how it is configured). Therefore, make sure that you are connecting to the right instance.
Next, confirm that you are using the correct username. You are using ubuntu#, which is correct if the instance is using an Ubuntu AMI. However, it is possible to create additional users on a Linux computer and the PEM files are associated with specific users. Therefore, confirm that this is the correct username for use with that PEM file.
Next, confirm that you are using the correct PEM file. The PEM file should contain the private half of a keypair that matches the public half that is stored on the instance in the user's ~.ssh/authorized_keys file. The log indicates that the instance is rejecting the provided keypair. Therefore, you might be using the wrong one.
Failing all this, there are some recommended steps available on: Walkthrough: Reset Passwords and SSH Keys on Amazon EC2 Instances - AWS Systems Manager
However, they might not work since you are using an Ubuntu instance, which might not have standard AWS software installed.
Let us know how you go!

Getting SSL to work in AWS on Ghost by bitnami

I am stuck on step 4 with using SSH to enable https
https://docs.bitnami.com/aws/how-to/configure-elb-ssl-aws/
I open putty to make an SSH
I type /opt/bitnami/apps/ghost/conf/httpd-prefix.conf
the SSH client tells me -bash:/opt/bitnami/apps/ghost/conf/httpd-prefix.conf: permission denied
Can anyone provide a more detailed instruction into how to get my SSL certificate to work with Ghost by bitnami on AWS
Thank you
There's two things you need to do. First, you have to launch an editor to modify the httpd-prefix.conf file. Nano is easy to use and should be installed on your instance already. Issue a command like nano /opt/bitnami/apps/ghost/conf/httpd-prefix.conf, make your edits in the nano editor, then save the file.
The second thing is to make sure that the account you are using has permissions to perform those tasks. You'll need root-level permissions. You can use the sudo command to run things as root. If you get a permission denied error when launching nano, try sudo nano /opt/bitnami/apps/ghost/conf/httpd-prefix.conf and enter the necessary password to execute the nano command with root privileges.
Keep in mind that the best practice for AWS accounts is to only use the root account to create your first IAM user, so that your root account credentials stay safe, and that hackers can't gain full control of your account should a compromise happen.
Instead try this for setting up an SSL cert https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/

Cannot SSH into EC2 instance after creating second user and public key

I might have done something extremely stupid. I don't really know what I'm doing with this but have been following online guides to set up an EC2 Instance running Bitnami Wordpress.
Today I attempted to follow this guide to link Vaultpress to my instance:
https://www.virtualizationhowto.com/2016/04/connect-vaultpress-aws-ec2-instance/
I think I may have misstepped and pasted the public key text in the .ssh/authorized_keys inside the root user, overwriting whatever was there, (if there is information there by default?). I think, however, I was under a new user I created earlier, named vaultpress.
It is also possible that when I tried to add security groups I overwrote something something important. I have now reset the default VPC group and Security group generated by AWS Marketplace to 0.0.0.0/0 for SSH, so if I understand correctly that should be OK now?
Either way, I can now no longer SSH in with my .pem file. I did CHMOD 600 to the .pem file and used the standard ssh -i "thefile.pem" bitnami#address.com. Not sure where to go from here. Are there other ways to access the instance?
I get permission denied (public key)
ANY HELP REALLY APPRECIATED!
I thought I was going to make big track on my project with my day off today. Guess it's one step forward and two back today.

Suddenly can't login to filezilla with EC2 amazon server

I have a free EC2 Amazon Ubuntu server and I was connected with putty and filezilla and I was transferring files. Suddenly I lost connection and now whenever I login on either putty of filezilla I get and error saying
Disconnected: No supported authentication methods available (server sent: publickey)
Any ideas what could be possibly happening? I think that before this happened I change the permissions of a folder. Don't know if that's relevant.
I think that before this happened I change the permissions of a
folder. Don't know if that's relevant
Did you change the permission of ~/.ssh directory? ssh expects the directory to have 700 as permission and the ~/.ssh/authorized_key file to have 600 permission. Do you remember what exactly you changed?
You are out of luck if you changed the permissions of ~/.ssh folder. There are other convoluted ways to restore access. You have to stop the instance, attach the root partition to another instance, then change the folder permission, detach the partition, attach it back to your original instance and start it. Search StackOverflow for answers.