Changes

From Genome Analysis Wiki
Jump to navigationJump to search

Creating an AMI on EC2 (view source)

Revision as of 10:26, 14 October 2014

893 bytes added ,  10:26, 14 October 2014
no edit summary
Line 81: Line 81:  
   swapon -s      # Should show the swap device
 
   swapon -s      # Should show the swap device
 
</code>
 
</code>
 +
 +
=== Cleanup the instance for creating an AMI ===
 +
# Go to : [[#Cleanup Instance for AMI Creation|Cleanup Instance for AMI Creation]]
    
=== Create the AMI ===
 
=== Create the AMI ===
Line 97: Line 100:  
# <code>cd</code>
 
# <code>cd</code>
 
# Go to : [[#Create the AMI|Create the AMI]]
 
# Go to : [[#Create the AMI|Create the AMI]]
 +
 +
 +
==Cleanup Instance for AMI Creation==
 +
# Disable password-based logins for root
 +
## Open /etc/ssh/sshd_config
 +
## Change <code>PermitRootLogin yes</code> to <code>PermitRootLogin without-password</code>
 +
# Disable root access
 +
## <code> sudo passwd -l root</code>
 +
# Remove SSH host key pairs
 +
## Remove host key pairs located in <code>/etc/ssh</code> (ssh_host_dsa_key, ssh_host_dsa_key.pub, ssh_host_key, ssh_host_key.pub, ssh_host_rsa_key, ssh_host_rsa_key.pub)
 +
## <code>sudo shred -u /etc/ssh/*_key /etc/ssh/*_key.pub</code>
 +
# Remove SSH authorized keys
 +
##<code>sudo find / -name "authorized_keys" -exec rm -f {} \;</code>
 +
# Delete shell history
 +
## <code> shred -u ~/.*history</code>
 +
##<code>sudo find /root/.*history /home/*/.*history -exec rm -f {} \;</code>
    
== Create the AMI ==
 
== Create the AMI ==
Retrieved from "http://genome.sph.umich.edu/wiki/Special:MobileDiff/11709"

Navigation menu