From Genome Analysis Wiki
Jump to navigationJump to search
893 bytes added
, 10:26, 14 October 2014
Line 81: |
Line 81: |
| swapon -s # Should show the swap device | | swapon -s # Should show the swap device |
| </code> | | </code> |
| + | |
| + | === Cleanup the instance for creating an AMI === |
| + | # Go to : [[#Cleanup Instance for AMI Creation|Cleanup Instance for AMI Creation]] |
| | | |
| === Create the AMI === | | === Create the AMI === |
Line 97: |
Line 100: |
| # <code>cd</code> | | # <code>cd</code> |
| # Go to : [[#Create the AMI|Create the AMI]] | | # Go to : [[#Create the AMI|Create the AMI]] |
| + | |
| + | |
| + | ==Cleanup Instance for AMI Creation== |
| + | # Disable password-based logins for root |
| + | ## Open /etc/ssh/sshd_config |
| + | ## Change <code>PermitRootLogin yes</code> to <code>PermitRootLogin without-password</code> |
| + | # Disable root access |
| + | ## <code> sudo passwd -l root</code> |
| + | # Remove SSH host key pairs |
| + | ## Remove host key pairs located in <code>/etc/ssh</code> (ssh_host_dsa_key, ssh_host_dsa_key.pub, ssh_host_key, ssh_host_key.pub, ssh_host_rsa_key, ssh_host_rsa_key.pub) |
| + | ## <code>sudo shred -u /etc/ssh/*_key /etc/ssh/*_key.pub</code> |
| + | # Remove SSH authorized keys |
| + | ##<code>sudo find / -name "authorized_keys" -exec rm -f {} \;</code> |
| + | # Delete shell history |
| + | ## <code> shred -u ~/.*history</code> |
| + | ##<code>sudo find /root/.*history /home/*/.*history -exec rm -f {} \;</code> |
| | | |
| == Create the AMI == | | == Create the AMI == |