Questions tagged with Linux Provisioning
Content language: English
Sort by most recent
Hi Team,
How to export the variable when connecting via session manager connect for linux OS.
I tried adding to the bashrc, /etc/environment, and /etc/profile did not work.
I am attempting to setup Patch Manager for all my AWS instances but all my Ubuntu servers are failing on scan.
I've checked the servers to ensure the SSM agent is installed and the service is running.
Servers are running Ubuntu 22.04.2.
When I run a scan I receive the below output error:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:32: SyntaxWarning: "is" with a literal. Did you mean "=="?
if x is 0 or x is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:32: SyntaxWarning: "is" with a literal. Did you mean "=="?
if x is 0 or x is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:34: SyntaxWarning: "is" with a literal. Did you mean "=="?
elif y is 0 or y is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:34: SyntaxWarning: "is" with a literal. Did you mean "=="?
elif y is 0 or y is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:260: SyntaxWarning: "is" with a literal. Did you mean "=="?
if original_result is 0:
No IMDS credentials found on instance.failed to run commands: exit status 156
I would like to add a dimension to several metrics using "append_dimensions" into Cloudwatch agent config.
As specified [here](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html#CloudWatch-Agent-Configuration-File-Metricssection), it says "If you specify a value that depends on Amazon EC2 metadata". How do I specify a value, of a specific instance tags from instance metadata, for example?
Is it "append_dimensions": { "Environment": <how to reach an instance tag called Environment> }?
I am unable to connect to server to server using ssh.
the error message is ubuntu@ip-60-0-0-48:~$ ssh root@40.0.6.136
ssh: connect to host 40.0.6.136 port 22: Connection timed out
ubuntu@ip-60-0-0-48:~$
Yesterday, my ec2 instance was working perfectly but today I can not ssh into it. I have rebooted, stopped and started my instance, then made sure I have the correct public dns when trying to ssh. I have also ensured that my security groups allow port 22 on my ip address. For debugging purposes, I allowed all IPs for my SSH and it still did not work.
error: `22: Operation timed out`
I tested SSH into my other instance and that seemed to work perfectly. I have not changed my VPC settings or my Subnet settings at all since creation so I am not sure how they would be causing this issue. Please help!
I host a few ubuntu instances on lightsail. I have observed something which I cannot explain. This is not an isolated situation and expect that others would observe the same exposure of their Private Ip without benefit of the firewall rules assigned to the Lightsail Instance. Check your auth log ( ubuntu grep "preauth" /var/log/auth.log ) and see if you observe the same results... I think you will as all of my 10 or so instances show same !
Private Ip 172.xx.x.74
**The ubuntu /var/log/auth.log shows external IP's attempting to brute force ssh on this PRIVATE ip.**
The brute force ssh attempts are not coming from AWS.. The 1st example below is coming out of Suraj Network, INDIA.
Why / How are these bad actors having a connection to the private IP on the Lightsail instances ? PORT 49986 is not enabled through the lightsail network firewall, are there improper connections from Lightsail to outside ISP's ?
I have found other examples digital ocean, Huawei, Vietnam Posts and Telecommunications Group ?
**IS THERE A LARGER PROBLEM THAT AMAZON SHOULD BE AWARE OF ?**
Command:
```
grep "preauth" /var/log/auth.log
shows:
Mar 12 16:39:25 ip-172-xx-x-74 sshd[10046]: Received disconnect from 103.72.6.149 port 49986:11: Bye Bye [preauth]
Mar 12 16:39:25 ip-172-xx-x-74 sshd[10046]: Disconnected from invalid user applmgr 103.72.6.149 port 49986 [preauth]
Mar 12 16:39:43 ip-172-xx-x-74 sshd[10048]: Received disconnect from 106.246.226.66 port 45478:11: Bye Bye [preauth]
Mar 12 16:39:43 ip-172-xx-x-74 sshd[10048]: Disconnected from invalid user server 106.246.226.66 port 45478 [preauth]
Mar 12 16:39:45 ip-172-xx-x-74 sshd[10050]: Received disconnect from 171.244.39.233 port 52840:11: Bye Bye [preauth]
Mar 12 16:39:45 ip-172-xx-x-74 sshd[10050]: Disconnected from invalid user bXXXh 171.244.39.233 port 52840 [preauth]
Mar 12 16:39:52 ip-172-xx-x-74 sshd[10053]: Received disconnect from 148.66.132.190 port 52944:11: Bye Bye [preauth]
Mar 12 16:39:52 ip-172-xx-x-74 sshd[10053]: Disconnected from invalid user admin 148.66.132.190 port 52944 [preauth]
Mar 12 16:39:55 ip-172-xx-x-74 sshd[10055]: Received disconnect from 196.203.207.165 port 34038:11: Bye Bye [preauth]
Mar 12 16:39:55 ip-172-xx-x-74 sshd[10055]: Disconnected from invalid user testuser 196.203.207.165 port 34038 [preauth]
Mar 12 16:40:44 ip-172-xx-x-74 sshd[10062]: Received disconnect from 14.139.58.153 port 49158:11: Bye Bye [preauth]
Mar 12 16:40:44 ip-172-xx-x-74 sshd[10062]: Disconnected from invalid user julio 14.139.58.153 port 49158 [preauth]
Mar 12 16:41:02 ip-172-xx-x-74 sshd[10065]: Received disconnect from 103.72.6.149 port 39856:11: Bye Bye [preauth]
Mar 12 16:41:02 ip-172-xx-x-74 sshd[10065]: Disconnected from invalid user john 103.72.6.149 port 39856 [preauth]
Mar 12 16:42:39 ip-172-xx-x-74 sshd[10248]: Received disconnect from 14.139.58.153 port 50592:11: Bye Bye [preauth]
Mar 12 16:42:39 ip-172-xx-x-74 sshd[10248]: Disconnected from invalid user test01 14.139.58.153 port 50592 [preauth]
Mar 12 16:42:41 ip-172-xx-x-74 sshd[10250]: Received disconnect from 103.72.6.149 port 39386:11: Bye Bye [preauth]
Mar 12 16:42:41 ip-172-xx-x-74 sshd[10250]: Disconnected from invalid user user 103.72.6.149 port 39386 [preauth]
This was working fine till yesterday and suddenly my component stopped working when I did a revise deployment
Getting error ModuleNotFoundError: No module named '_awscrt'.
On my component artifacts-unarchived location I can see the python packages are available
I see the packages folder awscrt, awsiot, boto3, botocore all packages that needed but when I try import
from awsiot.greengrasscoreipc.clientv2 import GreengrassCoreIPCClientV2, getting ModuleNotFoundError: No module named '_awscrt'
I am using the awsiotsdk==1.9.2, I also tried installing awscrt==0.13.3, awsiot==0.1.3 but no luck still getting the error ModuleNotFoundError: No module named '_awscrt'.
Need advise to fix this issue.
One of the few things I do not like about the AWS EC2 service is that all available images (AMIs) used to to launch new instances have a single partition where the root filesystem is mounted on.
In my opinion, this approach is not appropriate, there are also a few security standards requiring specific partitioning.
Is there some doc about creating an instance/AMI (by Terraform or CloudFormation or Packer) with a good partitioning scheme?
I'm a cloud student.
The number of simultaneous users of the banking apps is 50 million. The average number of users is 10 million and the minimum is 9 million.
I wonder how to set the instance type (CPU, Memory) at this time.
Also, I wonder if there is a standard for setting this.
Thank you.
Hi, I have created a Linux EC2 instance and added an /dev/sdf volume. After creating a filesystem plus mount point I could run umount and then mount -a without issue. However when I shutdown the instance and later restart the filesystem is not auto-remounted. Mount -a fails with various errors about missing code-page but I can manually remount the filesystem without problems. I have followed AWS advice on configuring /etc/fstab but still have the problem - Any thoughts? Kr Ian
Hello Team,
I have migrated CEDR to DRS. Launched Test Server successfully.
Now want to perform Reverse Data Replication from Recovery Instance which is failing with below mentioned error:
I have checked whether DRS Agent is running on the Recovery Agent and the output is:
And I am able to reach internet.
I have configured my Target Region DRS Replication Settings for the same.
Please guide me to fix this issue.
Do I need to install DRS Agent on the Recovery Instance for Reverse Replication?
I appreciate you help.
Thank you.
I've installed CVAT in the EC2 instance but when I go to the public IP address nothing comes up. I copied and pasted the code from the cvat installation guide so it should be pretty straight forward. Any advice please?