Questions tagged with Linux Provisioning
Content language: English
Sort by most recent
I'm currently running a 2019 windows instance on macOS as I am running software that I can't use on macOS on my Windows Instance. Whenever I want to connect to my EC2 instance, I have to download a new RDP file because it won't launch automatically even though I've downloaded the SSM Agent onto it. Is there anyway I can get it to connect to my instance automatically instead of me having to download a new RDP file and manually entering the password each time?
Hi,
I set up security group for the instance, as you know I added rules for the ports over there
Do I need to enable ufw ? When I did 'sudo ufw status', it says 'status inactive'
Thanks
Sung
Hi all,
I've been trying to streamline my process for joining Linux instances to my domain. As such, there are a number of configurations that I still need to take care of manually that I would like to automate it possible. This includes the folowing:
1. Restrict logins to the AWS Delegated Administrators group from my Directory Service implementation
2. Add the AWS Delegated Administrators group to the sudoers file (is there a better way to achieve this? Should use the /etc/sudoers.d folder instead? This looks like a cleaner way to define permissions but I could not find any documentation on how to configure this folder.
3. Install cifs-utils
4. Configure the logon banner
5. In some cases, configure the fstab file
I think 3, 4, and 5 are easily done through the userdata file, however, I'm not clear on how to configure all of the necessary files for 1 and 2. For example, to properly allow the AWS Delegated Administrators group to log in to the system, the following files need to be configured:
* /etc/pam.d/login
* /etc/pam.d/sshd
* /etc/security/access.conf
Documentation I found showed that I needed to update the pam.d files to allow for spaces in a logon group/username.
I imagine these are fairly basic configuration steps for most anyone setting up a domain joined Linux instance in their environment so it would be nice to see this standardized, perhaps in an SSM document that can also be run, or if dynamic options can be set during the instance launch process when selecting domain join, that would be great.
I moved the Lightsail instance of volume 320GB to EC2 and made a new instance. Then I resized the EBS volume from 320 GB to 50GB. Detached both the volume at first and reattached 50 GB volume only. After starting the instance instance status check is failed.
I'd like to modify our reserved instance from to a larger instance in the same class. Importantly, it is a convertible instance and I am able to find the documentation regarding how to modify the instance. However, I am not seeing the technical details of what that entails.
Do I need to disconnect the EBS drives currently attached to my reserved instance before proceeding with a modification?
Does a modified reserved instance just automatically appear and all drives, users, settings, etc move to it? Or do I have to reconfigure the new instance with my original instance's settings?
asked a month ago
Created a brand new Ubuntu instance from the marketplace.
Created brand new set of key pairs and exported them as .pem (for use with Putty)
Created a brand new elastic IP and associated it with the new instance.
Left the security group settings at default (until I've got it up and running as I want)
SSH and HTTPs enabled from anywhere.
Opened Putty, put in the static IP
Added the .pem file under Auth > SSH
Clicked 'Connect'.
Prompted for username (default is ubuntu)
Then get error message:
'Server refused our key'
No supported authentication methods available
The documentation on why this could happen is as much use as a waterproof teabag. This is a BRAND new instance, setup and configured with all the defaults.
So why is it refusing the keys made during setup?
Can someone spare me the ongoing frustration and tell me what's going on please?
Thank you so much.
Hi,
I am trying to use 3rd party services with my EC2 instances.
The 3rd party service has some security rules. one of them is that my instance's IP has to be whitelisted.
I am working with multiple instances that can be scaled over time and I don't want to set Elastic IP for each instance. and I don't want to register new IP every time I'm adding a new instance.
Is there a way to use a service (maybe proxy) that listen to all my instances and forward the outgoing request with the same IP?
I also believe it is more secure to put my outgoing requests behind a proxy.
Can I get an explanation/tutorial for doing that?
Thank you!
Asaf
Hi,
I started using AWS-SSM, so I can use the SSO solution to connect to the EC2-instances using the SSM.
But, as known; to connect to the SSM; should use the instance id.
I am looking if there is a way to use the instance name instead of the instance id.
Hi there, I have been following the "certificate automation: encrypt with certbot on amazon Linux 2" instructions linked below:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#letsencrypt:~:text=Linux%202%20AMI.-,Certificate%20automation%3A%20Let%27s%20Encrypt%20with%20Certbot%20on%20Amazon%20Linux%202,-Warning
I have now successfully followed all instructions and received correct output information for step 1. However, when I check that Apache is installed and try to access the conf file, it appears I am unable to. I have been using the following commands:
```
sudo yum install -y httpd
```
With an outcome of:
```
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core 00
215 packages excluded due to repository priority protections
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
215 packages excluded due to repository priority protections
Package httpd-2.4.54-1.amzn2.x86_64 already installed and latest version
Nothing to do
```
Then try to access the conf file:
```
cd /ect/httpd/conf
```
After which I receive an outcome stating "no such file or directory"
Any guidance on where I may be making an error would be much appreciated!
hi, i having a wordpress website and i create multiple instance on same region on lightsail. Add a lightsail managed database and connected loadbalncer
but i couldnt able to add most plugins, when we add a plugin and it will activate successfully, but when checking on another site
it says woocommerce plugin deactivated due to an error, the plugin does not exist. I can see that both are using same database. when we edit a post and adding update, it reflect on other servers as well
any solution?
I have a nodejs backend running in my instance ec2 and bucket with my files. I need to allow traffic for that users can do a download for this file but the instance show me in return that this connection refused for this.
Hi Team,
i have successfully built a Wordpress site on a personal Lightsail account, and post development i was able to package it and the DB, and setup it up on a new instance on the clients AWS account and transferred all the files and the db, the site works completely fine.
Except i am unable to update the Wordpress core. I have tried updating the file permissions and nothing has worked, the error i get is
"The update cannot be installed because some files could not be copied. This is usually due to inconsistent file permissions.: wp-admin/includes/update-core.php"
What i doubt is the problem is with the user role that triggers the update or the write access to these folders, so i tried to do the update through the wp-cli and i got the same error, even though i ran it sudo.
all the files have the permission of 664/644 and dir 775/755. and the file ownership is bitnami:daemon.
The plugin/theme updates are working fine, the media uploads without an issues, only the core update im having an issue.
I will put out a short decription on how to move from lightsail to another account based lightsail, once i can rectify this.
Regards,
Shiva