[BUG]: Adding AWS instance connect by default breaks current sshd config #227

@nbrys

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

7f6b5c9

This PR added AWS Instance Connect by default to AlmaLinux images. Unfortunately, this breaks current sshd config as this adds the following to the sshd service:

systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
  Drop-In: /usr/lib/systemd/system/sshd.service.d
           └─ec2-instance-connect.conf
   Active: active (running) since Thu 2025-03-20 14:39:09 UTC; 38min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 930 (sshd)
    Tasks: 1 (limit: 24257)
   Memory: 14.1M
   CGroup: /system.slice/sshd.service
           └─930 /usr/sbin/sshd -D -o AuthorizedKeysCommand /opt/aws/bin/eic_run_authorized_keys %u %f -o AuthorizedKeysCommandUser ec2-instance-connect

See the overwrite: -o AuthorizedKeysCommand /opt/aws/bin/eic_run_authorized_keys %u %f -o AuthorizedKeysCommandUser ec2-instance-connect

All instances where a custom sshd config was set for AuthorizedKeysCommand (for example, to support authentication with ssh keys backed by IPA) are broken.

This is added by a snippet in /usr/lib/systemd/system/sshd.service.d/ -> ec2-instance-connect.conf

The only way to fix this is to uninstall ec2-instance-connect again.

Expected Behavior

No response

Steps To Reproduce

No response

Anything else?

No response

Search terms

aws instance connect
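
sshd gives `-o` options on its command line precedence over the same keyword in sshd_config, which is why the drop-in described above silently replaces a configured AuthorizedKeysCommand. The following check is an added example, not part of the original issue or of the AlmaLinux images: the function names are hypothetical, the sample config (pointing at SSSD's `sss_ssh_authorizedkeys`, as an IPA setup might) is constructed, and the parser assumes whitespace-separated keywords and ignores `Match` blocks and `Include` files.

```shell
# Added example: find sshd_config keywords that a "-o" option on the running
# sshd command line overrides (input shaped like the CGroup line above).
# Print the value passed as "-o KEY ..." in a flattened command line.
cmdline_override() {
    printf '%s\n' "$2" | awk -v key="$1" '{
        n = split($0, parts, / -o /)
        for (i = 2; i <= n; i++) {
            sep = match(parts[i], /[ =]/)
            if (sep && tolower(substr(parts[i], 1, sep - 1)) == tolower(key)) {
                val = substr(parts[i], sep + 1)
                sub(/^[ \t=]+/, "", val); sub(/[ \t]+$/, "", val)
                print val; exit
            }
        }
    }'
}

# Print the first global value of KEY in an sshd_config-style file.
# Simplification: stops at the first Match block, does not follow Include.
config_value() {
    awk -v key="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$2"
}

# Return 0 and print a finding when the command line wins over the file.
report_override() {
    cli=$(cmdline_override "$1" "$2")
    cfg=$(config_value "$1" "$3")
    [ -n "$cli" ] || return 1            # keyword not set on the command line
    [ "$cli" != "$cfg" ] || return 1     # same value, nothing is lost
    printf '%s: command line sets "%s"; sshd_config value "%s" is ignored\n' \
        "$1" "$cli" "${cfg:-<unset>}"
}

# Constructed sample: command line from the issue, config for an IPA/SSSD host.
sample_cmdline='/usr/sbin/sshd -D -o AuthorizedKeysCommand /opt/aws/bin/eic_run_authorized_keys %u %f -o AuthorizedKeysCommandUser ec2-instance-connect'
sample_config=$(mktemp)
cat > "$sample_config" <<'EOF'
AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys
AuthorizedKeysCommandUser nobody
EOF
for k in AuthorizedKeysCommand AuthorizedKeysCommandUser; do
    report_override "$k" "$sample_cmdline" "$sample_config" || true
done
rm -f "$sample_config"
```

On a live host the first argument can come from the sshd process command line and the second from /etc/ssh/sshd_config.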

Labels: bug (Something isn't working), question (Further information is requested)