[ubuntu-server] Trying Ubuntu Server in Amazon EC2

Scott Moser smoser at ubuntu.com
Tue Oct 12 01:24:11 UTC 2010

On Mon, 11 Oct 2010, Eric Hammond wrote:

> On 10/11/2010 11:28 AM, John M. Pugh wrote:
> > Anyone try out http://10.cloud.ubuntu.com yet?
> I was already registered with launchpad.net and had previously uploaded
> my ssh keys, so the experience was smooth and fast.  I'm not sure how
> the experience is for the target market in the larger population.

For those without a launchpad account, or without launchpad keys, or with
only an Ubuntu One SSO, they were given a warning message, but allowed to
have a randomly set password shown to them.  The password is expired so
the user is forced to change it on first login.

> It was a little odd that Canonical started the instance with a keypair,
> so the instance allowed ssh from an ssh key that was not mine.  Not that
> big of a deal for a 55min test, but still a little uncomfortable for
> folks who care about security and may not be aware that this is not the
> norm for EC2 instances.

It is in the FAQ.  its a setting in awstrial.  The primary reason for
launching with a key was so we could debug if necessary, and explicitly so
that if the user was locked out (ie, no access to their published
launchpad keys), then we could ssh in, set a onetime password and show
that to the user.  That function isn't implemented yet, but was, I
thought, the most straight forward mechanism for ensuring ssh access.

There is obviously trust in the launcher (Canonical) as they could have
done any nefarious things they wanted to the image.  The FAQ states up
front that the keys are there, if you want to remove them from

FAQ Entry:
| Is Canonical keylogging my instance, or monitoring my traffic?
| Nope. There is an additional key in the 'ubuntu' and 'root' users
| authorized_keys file. That is simply the key that the instance was
| launched with. Feel free to remove them.

> It should not be necessary to allow Canonical ssh access to the test
> hosts, and users can disable this anyway, so probably best to start the
> instances without an EC2 keypair.

I'm not set on it.  We're aware of it, up front with it, and not trying to
do anything rude.

> I noticed that the 55 min limit is triggered by a script run on the
> instance itself.  I wondered if it would be possible to simply kill this
> process to keep the instance running or if Canonical has a separate,
> external process terminating instances that have been running an hour.

The server side terminates the instance in less than an hour.  the at jobs
that are scheduled are merely a safety net if the server side fell over.

The project is open source (AGPL) and available at

Thanks for your comments, Eric.


More information about the ubuntu-server mailing list