AWS亚马逊云服务器Ubuntu系统使用

AWS亚马逊云服务器Ubuntu系统使用

来源：http://bj9420.com

编者：wRitchie(吴理琪)

在使用亚马逊的云主机EC2，遇到了一些问题，解决如下：

一、在EC2上创建root用户，并使用root用户登录

1、根据官网提供的方法登录连接到EC2服务器（官网推荐windows用户使用PUTTY连接）

2、 创建root的密码，输入如下命令： $sudo passwd root

3、然后会提示你输入new password。输入一个你要设置的root的密码，需要你再输入一遍进行验证。

4、接下来，切换到root身份，输入如下命令： $su root

5 、 使 用 root 身 份 编 辑 亚 马 逊 云 主 机 的 ssh 登 录 方 式 ， 找 到 PasswordAuthentication 、PermitRootLogin no，把no改成yes。输入： $vim /etc/ssh/sshd_config

# Package generated configuration file# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen forPort 22# Use these options to restrict which interfaces/protocols sshd will bind to#ListenAddress ::#ListenAddress 0.0.0.0Protocol 2# HostKeys for protocol version 2HostKey /etc/ssh/ssh_host_rsa_keyHostKey /etc/ssh/ssh_host_dsa_keyHostKey /etc/ssh/ssh_host_ecdsa_keyHostKey /etc/ssh/ssh_host_ed25519_key#Privilege Separation is turned on for securityUsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server keyKeyRegenerationInterval 3600ServerKeyBits 1024
# LoggingSyslogFacility AUTH
LogLevel INFO
# Authentication:LoginGraceTime 120PermitRootLogin yesStrictModes yes
RSAAuthentication yesPubkeyAuthentication yes#AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts filesIgnoreRhosts yes# For this to work you will also need host keys in /etc/ssh_known_hostsRhostsRSAAuthentication no# similar for protocol version 2HostbasedAuthentication no# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with# some PAM modules and threads)ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwordsPasswordAuthentication yes
# Kerberos options#KerberosAuthentication no#KerberosGetAFSToken no#KerberosOrLocalPasswd yes#KerberosTicketCleanup yes
# GSSAPI options#GSSAPIAuthentication no#GSSAPICleanupCredentials yes
X11Forwarding yesX11DisplayOffset 10PrintMotd noPrintLastLog yesTCPKeepAlive yes#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variablesAcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,# and session processing. If this is enabled, PAM authentication will# be allowed through the ChallengeResponseAuthentication and# PasswordAuthentication. Depending on your PAM configuration,# PAM authentication via ChallengeResponseAuthentication may bypass# the setting of "PermitRootLogin without-password".# If you just want the PAM account and session checks to run without# PAM authentication, then enable this but set PasswordAuthentication# and ChallengeResponseAuthentication to 'no'.UsePAM yes
#xshell报错No matching outgoing encryption，没有匹配的算法解决方法
Ciphers aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc,arcfour128,arcfour256,arcfour,blowfish-cbc,cast128-cbc
MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,curve25519-sha256@libssh.org

6、接下来，要重新启动下sshd，如下命令： $sudo /etc/init.d/ssh restart

7、然后再切换到root身份$su root

8、再为原来的”ubuntu”添加登录密码。如下命令： $passwd ubuntu

按 提 示 ， 两 次 输 入 密 码 。 到 此 可 以 用 root 身 份 使 用 Putty 或 Xmanager Enterprise 4直接登录EC2的服务器了。