By default, any new Amazon EC2 instances using the Ubuntu AMI will have password authentication login disabled AND the only way for root user to login is by using SSH keypairs. This should ideally remain that way for security reasons, but there are certain cases where you might need to enable and allow root users login using password. I had to do this when connecting an EC2 Ubuntu instance to serverpilot.
1. Login/SSH into EC2 with user ubuntu using your SSH keypair (you should have your private key ready, which is generated when you create the new EC2 instance)
2. sudo nano /etc/ssh/sshd_config
3. Look for the line:
PasswordAuthentication no
change it to
PasswordAuthentication yes
* This allows users to login with a password
4. Look for the line:
PermitRootLogin without-password
change it to
PermitRootLogin yes
* I see lots of instructions not mentioning this. If the PermitRootLogin remains as “without-password”, it means root user can only login with public key authentication, even when PasswordAuthentication has been changed to yes.
5. Restart SSH with the following command
sudo service ssh restart
That’s it, you can now login to your ubuntu ec2 instance as root with password.
Further Reading
PermitRootLogin
Specifies whether root can log in using ssh. The argument must be “yes”, “without-password”, “forced-commands-only”, or “no”. The default is “yes”.
If this option is set to “without-password”, password authentication is disabled for root.
If this option is set to “forced-commands-only”, root login with public key authentication will be allowed, but only if the command option has been specified (which may be useful for taking remote backups even if root login is normally not allowed). All other authentication methods are disabled for root.
If this option is set to “no”, root is not allowed to log in.
Hope that helps. Please leave a comment if this was helpful, or if you have other questions/comments.
muza says
I am a new ubuntu user.Hopefully this will help me when I will fall this problem. By the way nice post