7
2
When I log into an ec2 instance via ssh using keypair (logged in as ec2-user user), I am able to execute sudo commands without typing a password.
How can I configure ec2 instance to prompt for a password when the logged in user issues a sudo command?
petwho
Posted 2014-07-16T14:46:19.997
Reputation: 263
6
Warning: Make sure to set the password for ec2-user before doing this
You need to modify the sudo settings to enable password authentication when using sudo. Run the visudo command as root (or sudo visudo) and look for a line like this:
ec2-user ALL=(ALL) NOPASSWD: ALL
Remove the NOPASSWD: bit, so the line looks like this:
ec2-user ALL=(ALL) ALL
sudo will ask for a password next time you log on. Again, make sure to set your password before doing this!
mtak
Posted 2014-07-16T14:46:19.997
Reputation: 11 805
3I think that next time you should put 'Make sure to set your password before doing this!' at the very top and in bold. – petwho – 2014-07-16T15:12:46.437
What should I do if I didn't set a password? :) – Anton Khodak – 2017-09-25T08:36:41.890
Redeploy the instance using your automated deployment process ;) It's a bit of a workaround, but you can connect the disk of your current container to a different instance as a second disk, mount it and change the
/etc/sudoersfile. Then unmount and reconnect it to the original instance and boot it. – mtak – 2017-09-27T08:42:06.627yeah this doesn't work. – 1N5818 – 2017-09-28T21:11:00.473