AWS private key for CentOS

Support for security such as Firewalls and securing linux
Post Reply
cottagefarmer
Posts: 2
Joined: 2018/01/30 17:03:51

AWS private key for CentOS

Post by cottagefarmer » 2018/01/30 17:19:35

Hi, I created an AWS version of CentOS7. I succesfully logged in via ssh with my username and the private key that I created and downloaded from AWS. Now I'm trying to modify the firewalld with this: 'systemctl stop firewalld'

It says:
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to manage system services or units.
Authenticating as: Cloud User (centos)


I don't know how to respond, am I supposed to tell it somehow to use my private key on my local machine?

Thanks,
CF

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: AWS private key for CentOS

Post by TrevorH » 2018/01/30 17:24:13

It's asking for the password for your "centos" user account. The other alternative is to become root first and run it from there.

However, you don't need to stop firewalld to amend its rules - you use the firewall-cmd command to do that. Run with --permanent it amends the permanent rules that are in place at boot time, run without --permanent it affects the running rules so to affect both you need to run it twice or use the runtime-to-permanent option.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

cottagefarmer
Posts: 2
Joined: 2018/01/30 17:03:51

Re: AWS private key for CentOS

Post by cottagefarmer » 2018/01/30 17:56:21

Thanks, Trevor. Couple followups:

When I connected to the machine via SSH, I connected with the user centos as you indicated, and then I referenced the .pem file for the private key to authenticate - no password was used. Also, if I attempt 'su root' it asks for a password, so still stuck on that. I don't see any root password with the AWS documentation. Is there a default password, or a way to create one with the .pem ? Just not sure of next steps. I thought maybe there was a way to manually invoke the private key file when promoted for a password.

2nd - regarding the firewalld thing, let me backup for the big picture. I'm trying to learn puppet, and creating a puppet master server in AWS. According to the guide I'm using it says:
We have to make sure port 8140 is open. By default CentOS 7 uses firewalld. Unless you are running on a laptop I feel that firewalld is a little bit too much. So let’s remove it and configure iptables.

[elatov@puppet ~]$ sudo yum remove firewalld
[elatov@puppet ~]$ sudo yum install iptables-services
..and there's more instructions, but based on that - do you agree firewalld is "a bit too much" and if so with his approach to use iptables?

Thanks,
CF

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: AWS private key for CentOS

Post by TrevorH » 2018/01/31 01:13:55

I don't use firewalld myself.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply