Hi,
It looks like you have forced internal-sftp service for sftp group in /etc/ssh/sshd_config file. Now that you added the default ubuntu user to sftp group, it will only allow ftp connection for ubuntu user. Use one of the following methods to remove the ubuntu user from sftp group and regain ssh access.
Option 1
If your EC2 instance is managed by AWS Systems Manager, you can use the Run Command feature to execute the following command in the instance. This will remove the ubuntu user from sftp group.
gpasswd -d ubuntu sftp
For more details about running remote commands on an EC2 instance with AWS Systems Manager, see the following documentation.
https://aws.amazon.com/getting-started/hands-on/remotely-run-commands-ec2-instance-systems-manager/
After creating the instance profile, attach it to your EC2 instance and reboot the instance. Since you already have an EC2 instance running, you can skip Steps 2, 3 & 5.
Option 2
If you can stop the instance, you can re-run the user-data to remove the ubuntu user from sftp group. You can use the following user-data script to achieve this.
Content-Type: multipart/mixed; boundary="//"
MIME-Version: 1.0

--//
Content-Type: text/cloud-config; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloud.cfg"

#cloud-config
cloud_final_modules:
- [scripts-user, once]

--//
Content-Type: text/x-shellscript; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="script.sh"

#!/bin/bash -x
gpasswd -d ubuntu sftp
--//--
Refer to the following KC article for the steps to re-run the user-data in an existing EC2 instance.
https://aws.amazon.com/premiumsupport/knowledge-center/execute-user-data-ec2/
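
A pre-check for the lockout described in this answer, added here as an example and not part of the original answer: it lists the accounts that a `Match Group` block with `ForceCommand internal-sftp` restricts to SFTP, so the effect of a group change is visible before it is made. The function names, file arguments and the sample accounts `uploader` and `partner` are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. Reads files passed as arguments so it runs offline; it does
# not follow Include directives or handle negated/wildcard group patterns.

# Print each group whose Match block sets "ForceCommand internal-sftp".
forced_sftp_groups() {
  awk '
    { key = tolower($1) }
    key == "match" {            # a new Match block replaces the previous one
      groups = ""
      for (i = 2; i < NF; i++)
        if (tolower($i) == "group") groups = $(i + 1)
      next
    }
    key == "forcecommand" && $2 == "internal-sftp" && groups != "" {
      n = split(groups, g, ",")
      for (j = 1; j <= n; j++) print g[j]
    }
  ' "$1" | sort -u
}

# Print every account in those groups (supplementary or primary membership).
restricted_users() {
  local config=$1 groupfile=$2 passwdfile=$3 grp gid
  for grp in $(forced_sftp_groups "$config"); do
    awk -F: -v g="$grp" '$1 == g { n = split($4, m, ",")
      for (i = 1; i <= n; i++) if (m[i] != "") print m[i] }' "$groupfile"
    gid=$(awk -F: -v g="$grp" '$1 == g { print $3 }' "$groupfile")
    if [ -n "$gid" ]; then
      awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$passwdfile"
    fi
  done | sort -u
}

# Constructed sample files mirroring the situation in the answer.
make_sample() {
  local d; d=$(mktemp -d)
  printf '%s\n' 'Subsystem sftp internal-sftp' 'Match Group sftp' \
    '    ForceCommand internal-sftp' > "$d/sshd_config"
  printf '%s\n' 'ubuntu:x:1000:' 'sftp:x:1001:ubuntu,uploader' > "$d/group"
  printf '%s\n' 'ubuntu:x:1000:1000::/home/ubuntu:/bin/bash' \
    'partner:x:1002:1001::/home/partner:/usr/sbin/nologin' > "$d/passwd"
  echo "$d"
}

sample=$(make_sample)
restricted_users "$sample/sshd_config" "$sample/group" "$sample/passwd"
```

On a live host the arguments would be /etc/ssh/sshd_config, /etc/group and /etc/passwd; any administrative login that appears in the output will lose its shell on the next connection.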