How to enable direct ssh to EC2 linux instance without keypair file

how to enable direct ssh to EC2 linux instance without keypair file

To enable the direct ssh to linux EC2 instance without using keypair file we have to edit the sshd_config file.

Follow the given below steps

Step 1 : Login into linux EC2 instance with the help of keypair. Use the user name which is related to your instance. for eg.

example:

ssh -i keypar_file.pem ubuntu@ec2-1.1.1.1.compute-1.amazonaws.com

Step 2: After login ,edit the /etc/ssh/sshd_config file and make the value of parameter called PasswordAuthentication as yes

vi /etc/ssh/sshd_config

change the PasswordAuthentication value as yes

PasswordAuthentication yes

:wq
save and exit

Step 3: Restart the ssh service.

In Debian or Ubuntu instance:

/etc/init.d/ssh restart

In CentOS or Red Hat instance:

/etc/init.d/sshd restart

Step 4: Open new terminal in your PC or laptop. ( Do not take the risk  ,playing safe side )

Now try direct ssh without using keypair file.

for eg.

ssh ubuntu@ec2-1.1.1.1.compute-1.amazonaws.com

DNS Pointing

A (Host) records

A records (also known as host records or address records) point a domain name or subdomain to an IP address. For example, if you want your domain "domainnamegoeshere.com" to point to your home computer (whose IP address is, for example, 172.0.0.1), the A record would list "domainnamegoeshere.com", or "@" as the host and "172.0.0.1" as the "Points To" IP address. Entering "@" for the host name is the same as entering your domain name, minus the "www". Entering "www" for the host name is the same as entering your domain name, including the "www

CNAME records

CNAME records (also known as alias records) point a subdomain to an existing A (host) record so that the domain points to the appropriate IP address.

Entering "@" for the host name is the same as entering your domain name, including the "www".

The Points To Host Name should be defined as your domain name (i.e., "www.domainnamegoeshere.com") or "@" (Entering "@" will automatically insert your domain name as the host name for the CNAME Record). The Alias field should be the subdomain of your top-level domain the CNAME record points to your domain.

For example: If you want the CNAME record to point "www" within your domain to "www.domainnamegoeshere," you should enter "www" in the Alias field and "www.domainnamegoeshere.com" in the Points To field. If you want the CNAME record to point "email" within your domain to "email.domainnamegoeshere," enter "email" as the Alias and "email.domainnamegoeshere.com" as the Points To Host Name.

MX records

MX records are for routing email that is addressed to a particular domain name. Like a CNAME record, an MX record points one domain name or subdomain to another domain name or subdomain for which an A record exists.

Entering "@" for the host name is the same as entering your domain name, minus the "www." Entering "www" for the host name is the same as entering your domain name, including the "www".

NS records

NS records specify the authoritative nameservers (both primary and secondary) for the given domain. The authoritative nameservers are identified by name, not IP address. For this reason, an A record must exist for the specified nameservers. Without it, connecting to the servers might be impossible. In every DNS zone, there must be at least two NS records.

TIPS For SYSADMIN

TIPS For SYSADMIN

Open a New RDP session, 

mstsc /v:00.00.00.00 /admin

Replace 00.00.00.00 with your server's IP Address.

Server Mail Queue check

You can also run this on intdelivery.internal

sudo tail -f /var/log/mail.log | grep ServerName

It will monitor the last lines of the mail log and check for ServerName so you can see if mail is being delivered or failing

User details checking in AD

C:\Users\ssatchi>net user username /domain

Check machine is physical or virtual

Open command prompt and run the following command

systeminfo

This command will give you the full details of your system , scroll down to see the following information

system Manufacturer line,

If the system is a physical machine then you ll see

system Manufacturer  ASUS,DELL,HP

If the system is a virtual machine then you will see

system Manufacturer : VMware inc.

System Model : VMware virtual Platform.

If the system is a microsoft Hyper-V then you will see

system Manufacturer : Microsoft Corporation.

System Model : Virtual Machine

How many users are logged on/connected to a server?

On the Server

NET SESSION | FIND /C "\\"

On Remote Server

PSEXEC \\servername NET SESSION | FIND /C "\\"

When did someone last change his password?

H:\>net user saththiyan /domain | find /I "password last set"

Password last set            8/11/2013 5:32:27 PM

Is some one’s account locked ?

H:\>net user saththiyan /domain | find /I "account active"

Account active               Yes

Unlock the account

License capacity monitoring alarm triggered in vCenter Server

License capacity monitoring alarm triggered in vCenter Server

Symptoms

·    License capacity monitoring alarms are triggered in vCenter Server.

·    After upgrading to vCenter Server 5.x, license capacity monitoring alarms trigger.

·    This issue occurs even when license key counts in the Management tab are under capacity.

Note: To access the Management tab, Click Home > Administration > Licensing. Click the Management tab and select the License key radio button.

Cause

This issue occurs because vCenter Server reports that vRAM licensing capacity is exceeded.

Resolution

This is a known issue affecting vCenter Server 5.x.

VMware has eliminated the vRAM restriction on licenses to VMware vSphere. For more information, see the Updated vRAM Policy. This alarm can be safely ignored or disabled.

To disable the alarm:

1. Log in to vCenter Server.

2. Select the vCenter Server at the top level (above Datacenter and Cluster).

3. Select Alarm Definition.

4. Locate the License capacity monitoring alarm.

5. Right-click the alarm and click Edit Settings.

6. In General tab, deselect the Enable this alarm option.

Ref : http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2052463

Veeam Backup Error - 'Unable to release guest. Error: Unfreeze error

Veeam Backup Error - 'Unable to release guest. Error: Unfreeze error:'

Problem

Yesterday morning, I walked into the office, the boss told me a client's Exchange was running slowly and they had had a Veeam backup fail. I know this client well enough to know if it was something simple he would have fixed it himself, so while my laptop booted I armed myself with a coffee.

I connected to the Veeam backup server and this was the error.

Unable to release guest. Error: Unfreeze error: [Backup job failed. Cannot create a shadow copy of the volumes containing writer's data. A VSS critical writer has failed. Writer name: [Microsoft Exchange Writer]. Class ID: [{76fe1ac4-15f7-4bcd-987e-8e1acb462fb7}]. Instance ID: [{65ec880f-7b6a-402f-baf1-14d4de7f6fb9}]. Writer's state: [VSS_WS_FAILED_AT_FREEZE]. Error code: [0x800423f2].]
Error: Unfreeze error: [Backup job failed. Cannot create a shadow copy of the volumes containing writer's data. A VSS critical writer has failed. Writer name: [Microsoft Exchange Writer]. Class ID: [{76fe1ac4-15f7-4bcd-987e-8e1acb462fb7}]. Instance ID: [{65ec880f-7b6a-402f-baf1-14d4de7f6fb9}]. Writer's state: [VSS_WS_FAILED_AT_FREEZE]. Error code: [0x800423f2].]

Solution

1. OK that’s a huge error, but essentially it's complaining about the VSS writer on the Exchange server. Log onto the Exchange server, drop to command line and issue the following command;

vssadmin list writers

Chances are you will see the following;

If you look in the Event Log you will probably also see Event ID 2007.

Information Store (2544) Shadow copy instance 1 aborted.

2. To fix that you need to restart the Microsoft Exchange information store service.

3. Check again to make sure you are back up.

4. Note: We are backing up using Veeam, make sure there is no instance of the Symantec Backup Exec Remote Agent for Exchange, if it's there remove it.

5. Finally, I’ve got over 120GB of transaction logs to contend with, for the problem mail store, I’m going to enable circular logging to free up some room. (Note: You can disable this again once you have a decent backup if you wish).

6. At this point I rebooted both the Exchange server and the Veeam Backup server it then performed a backup of the Exchange server without error.

Updating VMware Tools fails with the error: Update Tools failed. Edit the virtual machine’s vmx file

Updating VMware Tools fails with the error: Update Tools failed. Edit the virtual machine’s vmx file

Symptoms

• You are unable to update VMware Tools
• Updating VMware Tools fails
• You see the error:
  Update Tools failed. Edit the virtual machine's vmx file, add the line below and try again. Please read KB article 1714 on tips for editing a vmx file.
isolation.tools.guestInitiatedUpgrade.disable = "FALSE"

Cause

This issue only occurs when using the update VMTools button from within the guest operating system.

Resolution

To resolve this issue, add the necessary setting to the virtual machine configuration file.

• Go to Edit settings from VM
• Go to Options
• Go to General (picture 1)
• Go to button Configuration Parameters (picture 1)
• Go down to last rule and klik Add row (picture 2)
• Put isolation.tools.guestInitiatedUpgrade.disable  in the Name field (picture 3)
• Put FALSE in the Value field (picture 3)
• Click OK and start VM
• Now you can use the update tools button in the VM without errors

Picture 1

Picture 2

Picture 3

WSUS 3.0 SP2 will not run after installing update KB2720211

We are running our Updates server on vcentre, suddenly we were not able to open the windows server update services, MMC was failing to open. After a long research i found the method to install KB2720211 update file. following method i used.

• Download the KB2720211 installer for your architecture from Microsoft (http://support.microsoft.com/kb/2720211) 

• Extract WUSSetup.msp from the installer by running the installer with the /extract parameter (example: "WSUS-KB2720211-x64.exe /extract") 

• With 7-zip, open WUSSetup.msp and extract "PCW_CAB_SUS". 

• With 7-zip, open "PCW_CAB_SUS" and extract "DbCert", "DbCertDll", and "DbCertSql".

• Rename those files to "WSUSSignDb.cer", "WSUSSignDb.dll", and "WSUSSignDb.sql", respectively. 

• On your WSUS server, navigate to C:\Windows\SYSMSI\SSEE\MSSQL.2005\MSSQL\SchemaSig" and copy the extracted "WSUSSignDb.cer" and "WSUSSignDb.dll" to it.

• Make a backup copy of the two existing versions, just in case. 

• On your WSUS server, navigate to "C:\Program Files\Update Services\Database" and copy the extracted "WSUSSignDb.sql" to it. 

•  Make a backup copy of any existing versions of the file. 

 It worked well and i was able to install the update file. Thanks saththiyan