|# Download the VDI from https://cdn.amazonlinux.com/os-images/latest/|
|# Doc is at http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/amazon-linux-2-virtual-machine.html|
|# Be sure you have config/meta-data and config/user-data ready as per the below|
|# change ec2-user's password to your password|
|$ cat config/meta-data|
|# eth0 is the default network interface enabled in the image. You can configure|
|# static network settings with an entry like below.|
|# iface eth0 inet static|
|# address 192.168.1.10|
|# network 192.168.1.0|
|# netmask 255.255.255.0|
|# broadcast 192.168.1.255|
|# gateway 192.168.1.254|
|$ cat config/user-data|
|# A user by the name ec2-user is created in the image by default.|
|# The following entry creates user1 and assigns a password specified in plain text.|
|# Please note that use of a plain text password is not recommended from a security|
|# best practices standpoint|
|# - name: user1|
|# groups: sudo|
|# sudo: ['ALL=(ALL) NOPASSWD:ALL']|
|# plain_text_passwd: < plain text password here >|
|# lock_passwd: false|
|# Following entry creates user2 and attaches a hashed passwd to the user. Hashed|
|# passwords can be generated with:|
|# python -c 'import crypt,getpass; print(crypt.crypt(getpass.getpass()))'|
|# - name: user2|
|# passwd: < hashed password here >|
|# lock_passwd: false|
|# Following entry creates user3, disables password based login and enables an SSH public key|
|# - name: user3|
|# - < ssh public key here >|
|# lock_passwd: true|
|# On Mac OS, you can use hdiutil instead of genisoimage|
|hdiutil makehybrid -o init.iso -hfs -joliet -iso -default-volume-name cidata config|
|## Then attach the init.iso file to the virtual machine before booting the VDI.|
|## Cloud-init configuration happens at first boot only; you do not need the ISO file for subsequent boots|
|## If you need to retry, re-try from the originally downloaded VDI|
|## Keep a copy of the downloaded VDI if you need to make changes to your root disk image.|
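A pre-flight check for `config/user-data` to run before building the seed ISO, given here as an added example that is not part of the original gist or of AWS's sample files. The function name `lint_user_data`, the sample input and the choice of checks are assumptions made for illustration: it flags a first line other than `#cloud-config`, tab indentation, a `plain_text_passwd` entry, and a `passwd` value that is not a crypt hash.

```python
import re

# Constructed sample input (not from the page): a note placed above
# "#cloud-config", a plain-text password, and an unhashed "passwd" value.
SAMPLE_USER_DATA = """\
# notes for my test VM
#cloud-config
users:
  - default
  - name: user1
    plain_text_passwd: example-password
    lock_passwd: false
  - name: user2
    passwd: example-password
    lock_passwd: false
"""

KEY_VALUE = re.compile(r"^\s*(?:-\s+)?([A-Za-z_-]+):\s*(.*)$")
CRYPT_HASH = re.compile(r"^\$[0-9a-z]+\$")  # e.g. $6$... for SHA-512 crypt


def lint_user_data(text):
    """Return (line_number, message) findings for cloud-init user-data text."""
    findings = []
    lines = text.splitlines()
    # cloud-init only treats the file as cloud-config when line 1 says so.
    if not lines or lines[0].rstrip() != "#cloud-config":
        findings.append((1, "first line is not '#cloud-config'"))
    for number, line in enumerate(lines, start=1):
        if line.lstrip().startswith("#") or not line.strip():
            continue  # comment or blank line
        indent = line[: len(line) - len(line.lstrip())]
        if "\t" in indent:
            findings.append((number, "tab used for indentation (invalid YAML)"))
        match = KEY_VALUE.match(line)
        if not match:
            continue
        key, value = match.group(1), match.group(2).strip().strip("'\"")
        if key == "plain_text_passwd" and value:
            findings.append((number, "plain-text password in seed ISO"))
        elif key == "passwd" and not CRYPT_HASH.match(value):
            findings.append((number, "passwd value is not a crypt hash"))
    return findings


if __name__ == "__main__":
    for number, message in lint_user_data(SAMPLE_USER_DATA):
        print(f"user-data:{number}: {message}")
```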
I can login locally (on the terminal) but not via ssh because of 2 things:
So after manually fixing these issues up I've been able to log in.
As configured eth0 will be directly in your network, bridged, not on the NAT’ed VMware Fusion network.
So if someone has some more information on how we can get ONBOOT=yes for eth0 on meta-data, that password thing can be avoided configuring a key for the user.
I had this issue too, the solution (for me) was to validate the files used to create the seed.iso file, this worked for me:- http://www.yamllint.com/ and found an error.
In the last line, the default statement needed two spaces in front of it, then it validated ok, the rebuilt seed.iso then seemed to do the trick and I could log in as ec2-user with my password.
Remember to use a fresh .vdi file as the seed.iso is only valid on first boot and booting touches the vdi image so it cannot be used again. You may be able to do a snapshot before the initial boot too to preserve the initial state. But I have not tried this.
I noticed during boot on mine it thought the seed is not valid
I built it on osx
I did validate my yaml
Reading through here:
I think it's something to do with my seed.iso, it is mounted in VirtualBox
Thanks for the suggestions!
In my case, it turned out that my "incorrect login" errors were fixed by removing a COMMENT line that I had added above the first line of the user-data file. So my file started with:
Although it was still syntactically correct yaml, it didn't actually work until I removed that top/first comment that I'd added...
So there is, apparently, an undocumented requirement that the file MUST BEGIN WITH the #cloud-config comment...
Still not sure if the vim:syntax comment is required too but I'm leaving it, cuz I've lost enough time to this nonsense already :-)
Thanks again for your suggestions, which led me to my discovery and the fix for my situation!
Hope this helps someone googling this issue like I did!
It's documented by AWS: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/amazon-linux-2-virtual-machine.html
What is the syntax to set SSH keys for the default user, i.e. ec2-user? I tried the following, but it doesn't work:
I've also tried:
I just end up with an empty authorized_keys file. It works for any other user, though. I've looked but can't find an example of how to do this.
@swampf0etus check the sample config here https://cdn.amazonlinux.com/os-images/2.0.20190612/README.cloud-init