Generally when you tried to access Ubuntu vm on AWS server as user ‘root‘. You will find a message like below. It means you can’t SSH to your server directly using root account, and first you have to login as user ‘ubuntu’ first and then use ‘sudo su –‘ to get root access.
Please login as the user “ubuntu” rather than the user “root”.
Enable SSH as root on AWS Ubuntu:
Follow the below steps to enable ssh as root user on AWS ubuntu instances. The same steps you can follow for other Linux distributions AWS instances like CentOS, RHEL, LinuxMint, Debian etc.
SSH to Server – Login to your server with ubuntu user and then switch to root user with sudo command.$ ssh -i server.pem [email protected]
After successful login to ubuntu account switch to root account.
$ sudo su -
Edit authorized_keys File – Now edit/root/.ssh/authorized_keysfile the private key of yours. You will get something like code with your key.no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command=" echo 'Please login as the user "ubuntu" rather than the user "root".'; echo;sleep 10" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCPqJ2U4gidqek 4FPQJABENkrUiLVP61LObdFAZXvs2EpCf/nBQCRg4ykMNg+8TC9lb7jC65zfIrTUcNcwongDb4 3k6miSKu1M8fdqXDpcb8CdDRaKpM2wP8l+hTaJ2aWycXmGJ7lZKQPiwNUOhbrOLNEtDmOI9eiV lz7See98LVLW+6AwfzNA8Cu4riDTvEMQr/WQ9NLrS3BZE1TAAswJi9lGDfTgEvfh4Ji+eI/xT Xrjkkwjerkjk3jrkwejrkjwe9wASXob4rbV12TXjQIcMKaRGQAGrwOHu0nM2ibfTdgqjrTAG 03CXKzQhF09LdxKlT7GpYe0oVU2R1kjkejwQp tecadmin.netRemove the highlighted text from authorized_keys file and your key should be look like this. There are no space before ssh-rsa text.
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCPqJ2U4gidqek4FPQJABENkrUiLVP61LObd FAZXvs2EpCf/nBQCRg4ykMNg+8TC9lb7jC65zfIrTUcNcwongDb43k6miSKu1M8fdqXDpcb8C dDRaKpM2wP8l+hTaJ2aWycXmGJ7lZKQPiwNUOhbrOLNEtDmOI9eiVlz7See98LVLW+6AwfzNA 8Cu4riDTvEMQrWQ9NLrS3BZE1TAAswJi9lGDfTgEvfh4Ji+eIxTXrjkkwjerkjk3jrkwejrkj we9wASXob4rbV12TXjQIcMKaRGQAGrwOHu0nM2ibfTdgqjrTAG03CXKzQhF09LdxKlT7GpYe0 oVU2R1kjkejwQp tecadmin.net
Save File – After removing above highlighted text from authorized_keys file, save it and try to ssh with root account.$ ssh -i server.pem [email protected]
You will find that you have successfully logged in to server with root user directly.
This is awesome. Worked for my Ubuntu instance as well, Thank you.
Hi
In the first part of your article, you state that allowing authentication as root over SSH creates a security risk. I’m inclined to call FUD on this. Could you elaborate on how this will lower the security of the system? In the setup you present, privilege escalation from the ubuntu to the root user is already possible without any further authentication.
I would argue that enabling unrestricted sudo for an unprivileged user effectively grants root privileges to any process running as that user. Even an enabled password prompt from sudo can be trivially circumvented by placing a binary called `sudo` into the user’s ~/bin directory.
Regards
Michael