freedomofpress / ansible-role-grsecurity

The documentation and build system for the grsecurity kernel maintained by the Freedom of the Press Foundation for SecureDrop
GNU General Public License v2.0

Does this work on cloud providers (like EC2)? #6

Closed stela5 closed 9 years ago

stela5 commented 9 years ago

I created a script based on your instructions ( https://gist.github.com/anonymous/39b498911635c21ac61e ) and used it on an EC2 m3.2xlarge machine ( ami-df6a8b9b on http://cloud-images.ubuntu.com/releases/14.04/release-20150325/ ) but it doesn't boot upon final reboot.

This may be a noob question, but does your process work on cloud providers like EC2? Was it because I used an HVM instance instead of a PV instance? ( https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/virtualization_types.html )

dolanjs commented 9 years ago

@stela5 The current directions will not work for Amazon instances. I haven't personally created a grsec kernel to run on EC2. For testing environments I have created ones for Linode's VPS before, integrating their directions and corresponding options in the grsec menu. With some modification it should be possible to do it for Amazon too.

There isn't an option for EC2, but have you also taken a look at the grsecurity store?

stela5 commented 9 years ago

FYI, I was able to get grsec on AWS EC2 using https://bitbucket.org/emmons/esk-mirror

kolargol commented 9 years ago

grsecurity-enabled kernels for PV and HVM are here: http://blog.onefellow.com/tagged/esk. You can test the precompiled module-less kernels directly, or you can use the config to build one yourself.