Changes

From Genome Analysis Wiki
Jump to navigationJump to search

Creating an AMI on EC2 (view source)

Revision as of 14:54, 14 October 2014

67 bytes added ,  14:54, 14 October 2014
→‎Cleanup Instance for AMI Creation
Line 103: Line 103:     
==Cleanup Instance for AMI Creation==
 
==Cleanup Instance for AMI Creation==
 +
First time from generic/starcluster AMI
 
# Disable password-based logins for root
 
# Disable password-based logins for root
 
## Open /etc/ssh/sshd_config
 
## Open /etc/ssh/sshd_config
Line 110: Line 111:        +
Each time we generate a new AMI, run:
 +
<pre>sudo shred -u /etc/ssh/*_key /etc/ssh/*_key.pub
 +
sudo find / -name "authorized_keys" -exec rm -f {} \;
 +
rm -rf ~/.ssh
 +
shred -u ~/.*history
 +
sudo find /root/.*history /home/*/.*history -exec rm -f {} \;
 +
history -w
 +
history -c
 +
</pre>
 +
These commands do the following:
 
# Remove SSH host key pairs
 
# Remove SSH host key pairs
## <code>sudo shred -u /etc/ssh/*_key /etc/ssh/*_key.pub</code>
   
# Remove SSH authorized keys
 
# Remove SSH authorized keys
##<code>sudo find / -name "authorized_keys" -exec rm -f {} \;</code>
   
# Remove ssh
 
# Remove ssh
##<code>rm -rf ~/.ssh</code>
   
# Delete shell history
 
# Delete shell history
## <code> shred -u ~/.*history</code>
  −
##<code>sudo find /root/.*history /home/*/.*history -exec rm -f {} \;</code>
      
== Create the AMI ==
 
== Create the AMI ==
Retrieved from "http://genome.sph.umich.edu/wiki/Special:MobileDiff/11711...11713"

Navigation menu