After recovering a Linux instance "PasswordAuthentication" in the /etc/ssh/sshd_config file changes from "Yes" to "No"

After recovering a Linux instance "PasswordAuthentication" in the /etc/ssh/sshd_config file changes from "Yes" to "No"

After recovering a Linux instance "PasswordAuthentication" in the /etc/ssh/sshd.config file changes from "Yes" to "No".

In order to provide secure access to launched instances,  AWS alters a single directive in the /etc/ssh/sshd_config at launch.  AWS alters this file at launch, regardless of its state on disk or backup.  This prevents any user from using PAM password login.  Only ssh public key authentication (based on the ec2-user key used to launch the instance) can take place.

Changed Directive (/etc/ssh/sshd_config)
#PasswordAuthentication yes
PasswordAuthentication no

To prevent this issue,  you can check "Enable User Data" in the Advanced Options of the Instance Recovery screen, and paste this into User Data:

#!/bin/bash
sed -i "s/^PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
systemctl restart sshd

    • Related Articles

    • Troubleshooting File Level Recovery (FLR) communication issue

      CPM Configuration File-level recovery requires N2WS to recover volumes in the background and attach them to a temporary EC2 ‘worker’ launched for the operation, The worker will be launched in the same account and region as the snapshots being ...

    • CPM instance hardening for vulnerability scans

      In order to perform the below operations, you need to connect to the instance with SSH (your assigned private key and username: "cpmuser"). 1) (Only in v2.3 and up) To enforce usage of TLS 1.2, please edit the file /etc/apache2/mods-enabled/ssl.conf. ...

    • Troubleshooting Linux scripts in CPM

      In order to troubleshoot scripts, you need to connect to the CPM instance over SSH (using user "cpmuser") and execute the scripts from command line. Please do not use "su" or "sudo", as CPM doesn't elevate permissions. If when you run the script you ...

    • N2WS-22694 - Post upgrade recovery screen running slow

      Issue: UI for recovery screen is working very slowly or getting timed out. Solution: Patch for v4.2.0 is available and attached to this KB. The root cause is the new feature of custom recovery tags. there is a performance issue in case of huge ...

    • Error on Instance recovery - Instance recovery failed: Failed checking snapshot availability

      Issue: Error - Instance recovery failed: Failed checking snapshot availability When running a recovery, first CPM downloads the data from the bucket, then it creates a temporary snapshot and then creates the instance. This error occurs when a timeout ...