Fedora Linux Support Community & Resources Center
  #1  
Old 18th February 2008, 10:19 PM
matthewclower Offline
Registered User
 
Join Date: Feb 2008
Posts: 2
Amazon Web Services (AWS) Fedora 8/SSH

I've recently attempted to install Fedora Core 8 in AWS and everything seems fine except my ssh configuration -- I can't log in. I haven't exhausted all my options, but I don't really know how to configure the keys in SSH so that might be my problem, in fact I'm almost certain I didn't configure that part properly as I've never done that before. In any event...

Amazon provides an installation of Fedora Core 4 so in order to get 8 installed I have to do the following:

First, the version of yum installed in the public amazon AMI doesn't support the installation so I log in and do this:

Code:
wget http://linux.duke.edu/projects/yum/download/3.0/yum-3.0.5.tar.gz
tar -xvzf yum-3.0.5.tar.gz
cd yum-3.0.5
make DESTDIR=/ install
Now that yum will work, it's time to do the installation. -- something like this

Code:
cd /root
mkdir image;mkdir fedora;cd image

dd if=/dev/zero of=fedora bs=5M count=1 seek=1024
/sbin/mke2fs -F -j fedora

mount -o loop fedora /root/fedora

mkdir /root/fedora/dev
mkdir /root/fedora/proc
mkdir /root/fedora/etc
for i in console null zero; do /sbin/MAKEDEV -d /fedora/root/dev -x $i ; done

for most of the editing I actually used vi but it doesn't matter, this does the same thing:

cat <<EOL > /root/fedora/etc/fstab
/dev/sda1 / ext3 defaults 1 1
none /dev/pts devpts gid=5,mode=620 0 0
none /dev/shm tmpfs defaults 0 0
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
/dev/sda2 /mnt ext3 defaults 1 2
/dev/sda3 swap swap defaults 0 0
EOL

mount -t proc none /root/fedora/proc

cat <<EOL > /tmp/yumec2.conf
[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
exclude=*-debuginfo
gpgcheck=0
obsoletes=1
reposdir=/dev/null

[base]
name=Fedora Core 8 - i386 - Base
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-8&arch=i386
enabled=1

[updates-released]
name=Fedora Core 8 - i386 - Released Updates
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f8&arch=i386
enabled=1
EOL

yum -c /tmp/yumec2.conf --installroot=/root/fedora -y groupinstall Base

yum -c /tmp/yumec2.conf --installroot=/root/fedora -y clean packages

cat <<EOL > /mnt/etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
EOL

cat <<EOL > /mnt/etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
DEVICE=eth0
BOOTPROTO=dhcp
EOL

cat <<EOL >> /mnt/etc/ssh/sshd_config #(append)
UseDNS no
PermitRootLogin without-password
EOL
I've also scp-ed the key files I'm supposed to be using to the image, but I'm not sure what else I'm supposed to be doing with them, I've done the AWS registration properly and what is left is the virtual machine configuration:

VM:
Code:
FYI:
#ec2-bundle-vol --help
Usage: ec2-bundle-vol PARAMETERS

MANDATORY PARAMETERS
    -c, --cert PATH                  The path to the user's PEM encoded RSA public key certificate file.
    -k, --privatekey PATH            The path to the user's PEM encoded RSA private key file.
    -u, --user USER                  The user's EC2 user ID (Note: AWS account number, NOT Access Key ID).

OPTIONAL PARAMETERS
    -e, --exclude DIR1,DIR2,...      A list of absolute directory paths to exclude. E.g. "dir1,dir2,dir3". Overrides "--all".
    -a, --all                        Include all directories, including those on remotely mounted filesystems.
    -p, --prefix PREFIX              The filename prefix for bundled AMI files. E.g. "my-image". Defaults to "image".
    -s, --size MB                    The size, in MB (1024 * 1024 bytes), of the image file to create. The maximum size is 10240 MB.
    -v, --volume PATH                The absolute path to the mounted volume to create the bundle from. Defaults to "/".
        --fstab PATH                 The absolute path to the fstab to be bundled into the image.
    -d, --destination PATH           The directory to create the bundle in. Defaults to "/tmp".
        --ec2cert PATH               The path to the EC2 X509 public key certificate. Defaults to "/etc/aes/amiutil/cert-ec2.pem".
        --debug                      Display debug messages.
    -h, --help                       Display this help message and exit.
    -m, --manual                     Display the user manual and exit.
    -r, --arch ARCHITECTURE          Specify target architecture. [i386, x86_64]
    -b, --batch                      Run in batch mode. No interactive prompts.


ec2-bundle-vol -d /mnt -k pk-<key_id>.pem -c cert-<cert_id>.pem -u <amazon_id> -v /root/fedora -p fedora -r i386

FYI:
# ec2-upload-bundle --help
Usage: ec2-upload-bundle PARAMETERS

MANDATORY PARAMETERS
    -b, --bucket BUCKET              The bucket to upload the bundle to. The bucket is created if it does not exist.
    -m, --manifest PATH              The path to the manifest file.
    -a, --access-key USER            The user's AWS access key ID.
    -s, --secret-key PASSWORD        The user's AWS secret access key.

OPTIONAL PARAMETERS
        --acl ACL                    The access control list policy ["public-read" | "aws-exec-read"]. Defaults to "aws-exec-read".
        --ec2cert PATH               The path to the EC2 X509 public key certificate. Defaults to "/etc/aes/amiutil/cert-ec2.pem".
    -d, --directory DIRECTORY        The directory containing the bundled AMI parts. Defaults to the directory containing the manifest.
        --debug                      Print debug messages.
        --part PART                  Start uploading the specified part and upload all subsequent parts.
        --url URL                    The S3 service URL. Defaults to https://s3.amazonaws.com.
        --retry                      Automatically retry failed uploads. Use with caution.
        --skipmanifest               Do not upload the manifest.
    -h, --help                       Display the help message and exit.
        --manual                     Display the manual and exit.

ec2-upload-bundle -b <bucket_id> -m /mnt/fedora.manifest.xml -a <access_id> -s <secret_id>
localhost:
Code:
ec2-register <bucket_id>/fedora.manifest.xml

ec2-run-instances <AMI_id>

ssh -i id_rsa-<ID>-keypair root@<VM_ADDR>
My objective is obviously to get a command line into the new VM without having to enter in the root password, having authentication tied to the private key and amazon X509 certificate. Unfortunately, I've been unsuccessful thus far. I've also omitted the different things that I've tried so far to configure the keys that yielded no results. I'm hoping someone can explain to me what I have to do to configure them properly.

The best I've gotten is:
Code:
root@<VM_ADDR>'s password:
Permission denied, please try again.
Reply With Quote
  #2  
Old 18th February 2008, 10:20 PM
matthewclower Offline
Registered User
 
Join Date: Feb 2008
Posts: 2
And because my first post was too long:

localhost:
Code:
FYI:
$ ec2-register --help
  SYNOPSIS
     ec2reg (ec2-register)
     ec2reg [-K EC2-PRIVATE-KEY] [-C EC2-CERT] [-U EC2-URL] [-h] [-v] MANIFEST
  GENERAL NOTES
     Any command option may be passed a value of '-' to indicate that values for that
     option should be read from stdin.
  DESCRIPTION
     Register an AMI manifest for use with EC2.
     The MANIFEST parameter is the manifest (in S3) to register.
     e.g. mybucketname/image.manifest
  OPTIONS
     -K/--private-key       Used to specify your private key.
                            If EC2_PRIVATE_KEY exists in the environment its value will be used (this option takes precedence).
     -C/--cert              Used to specify your X509 certificate.
                            If EC2_CERT exists in the environment its value will be used (this option takes precedence).
     -U/--url               Used to specify the web service URL.
                            If EC2_URL exists in the environment its value will be used (this option takes precedence).
                            Defaults to https://ec2.amazonaws.com
     -v/--verbose           Verbose output
     -?/--help              Display this help
     -H/--headers           Display column headers
     --debug                Display additional debugging information
     --show-empty-fields    Indicate empty fields
     --connection-timeout   Specify a connection timeout (in seconds)
     --request-timeout      Specify a request timeout (in seconds)

ec2-register <bucket_id>/fedora.manifest.xml

FYI:
$ ec2-run-instances --help
  SYNOPSIS
     ec2run (ec2-run-instances)
     ec2run [-K EC2-PRIVATE-KEY] [-C EC2-CERT] [-U EC2-URL] [-h] [-v] AMI -n INSTANCE_COUNT [-g GROUP [-g GROUP...]] [-k KEYID] [-d USER_DATA | -f FILE_NAME] [--addressing=ADDRESSING-MODE]
  GENERAL NOTES
     Any command option may be passed a value of '-' to indicate that values for that
     option should be read from stdin.
  DESCRIPTION
     Launch a number of instances of a specified AMI.
     The AMI parameter is the AMI ID of the AMI to launch.
  OPTIONS
     -K/--private-key       Used to specify your private key.
                            If EC2_PRIVATE_KEY exists in the environment its value will be used (this option takes precedence).
     -C/--cert              Used to specify your X509 certificate.
                            If EC2_CERT exists in the environment its value will be used (this option takes precedence).
     -U/--url               Used to specify the web service URL.
                            If EC2_URL exists in the environment its value will be used (this option takes precedence).
                            Defaults to https://ec2.amazonaws.com
     -v/--verbose           Verbose output
     -?/--help              Display this help
     -H/--headers           Display column headers
     --debug                Display additional debugging information
     --show-empty-fields    Indicate empty fields
     --connection-timeout   Specify a connection timeout (in seconds)
     --request-timeout      Specify a request timeout (in seconds)
     -n/--instance-count    The number of instances to attempt to launch.
                            This may be specified as a single integer or as a range (min-max).
                            This specifies the minimum and maximum number of instances to attempt to launch.
                            If a single integer is specified min and max are both set to that value.
     -g/--group             Specifies the security group (or groups if specified multiple times) within which
                            the instance(s) should be run.
                            This determines the ingress firewall rules that will be applied to the instances.
                            Defaults to the users default group if not supplied.
     -k/--key               Specifies the key pair to use when launching this instance.
     -d/--user-data         Specifies the user data to make available to instances in this reservation.
     -f/--user-data-file    Specifies the file to read user data from to make available to instances in this reservation.
     --addressing           Specifies the type of addressing to use for the instances.
                            Refer to the latest Developer's Guide for valid values.

ec2-run-instances <AMI_id>

ssh -i id_rsa-<ID>-keypair root@<VM_ADDR>
Reply With Quote
Reply

Tags
8 or ssh, amazon, aws, fedora, services, web

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Amazon mp3 downloader seanb Using Fedora 3 15th July 2009 05:11 PM
workaround: installing amazon mp3 downloader with fedora 9 GoneSouth Using Fedora 6 27th January 2009 12:37 PM
Amazon Downloader 64 bit i_ata89 Using Fedora 0 30th December 2008 06:14 PM
Amazon Linux mp3 koperry Linux Chat 10 15th May 2008 04:56 AM


Current GMT-time: 22:27 (Thursday, 18-12-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat
Creek Side - Stockholm-Arlanda Airport (ARN) Travel Photos on Instagram - Marina of Koper Travel Photos - Te Whiti Park Instagram Photos - Texas State Fair Photos on Instagram