All official OMIs use keypairs as their authentication system. For more information, see Official OMIs Reference and About Keypairs > Keypairs and OMIs.
Non-official OMIs can use any authentication system. They may have vulnerable configurations or include backdoors or malicious software. For example, they could have a root
password set or an embedded SSH key that is not cleared at the first launch of the instance during which your public key is added. Any instance launched from such an OMI thus incurs risks. Therefore, you must check the /root/.ssh/authorized_keys file in the instance and only keep the last entry which corresponds to your public key. You are also responsible for checking the image’s SSH configuration. In general, you should only use images made available by trustworthy and well-known providers.
Comments
0 comments
Please sign in to leave a comment.