SFTP Gateway Support

3.0

Change Linux Password on AWS SSM

How to Change Your Linux Password on AWS Using Systems Manager (SSM)

This article will guide you through using AWS Systems Manager (SSM) to inject commands into your EC2 instances, allowing you to add a public key to /home/ec2-user/.ssh/authorized_keys. This method provides SSH access when you do not have the original key.

Prerequisites

Before proceeding, ensure you have:

  • An AWS account with EC2 instances running.
  • Appropriate permissions to access AWS Systems Manager and manage EC2 instances.
  • The AWS CLI installed and configured on your machine.

Steps to Change the Linux Password Using AWS SSM

Step 1: Verify SSM Agent is Running

  • Ensure that the SSM Agent is installed and running on the EC2 instance. Most modern Amazon Machine Images (AMIs) come with the SSM Agent pre-installed. You can verify this by connecting to your instance and running:
sudo systemctl status amazon-ssm-agent

If the agent is not installed or running, refer to the AWS documentation to install and start the agent.

Step 2: Granting IAM Role

  • Ensure your EC2 instance has an IAM role with AmazonSSMFullAccess policy attached. This role enables the instance to communicate with Systems Manager service.

Step 3: Using AWS SSM to Change Password

  1. Open the AWS Management Console and navigate to the AWS Systems Manager service.
  2. Select 'Run Command' from the left navigation pane.
  3. Choose 'AWS-RunShellScript' as the document (command document) that lets you run shell scripts.
  4. Select the Target Instances where you want to change the password. In the Command Parameters Section, enter the command to add your public SSH key to the authorized_keys file:
echo 'your-public-ssh-key' >> /home/ec2-user/.ssh/authorized_keys

Replace 'your-public-ssh-key' with your actual public SSH key.

Step 4: Execute the Command Click on Run to execute the command. This command appends your public SSH key to the authorized_keys file of the ec2-user, granting you SSH access.

Step 5: Access the Instance and Change Password

  • SSH into your instance using:
ssh ec2-user@your-instance-ip
  • Change the user password by executing:
sudo passwd ec2-user

Follow the prompts to enter and confirm the new password.

PreviousNext