getting errors related to hostname -- security problem? ok to change hostname?
 

I set up an Amazon EC2 instance running Ubuntu. I have since restarted this virtual machine. I'm not certain, but I believe that restarting a machine can result in the LAN IP address changing. I have assigned an "elastic IP" to this server instance so that the public may access it.

The other day the web server on this virtual machine became unresponsive. While I was logged in, I tried to check the hostname and got an error:
I also get errors when trying to perform a sudo command:
I don't recall this happening before and wonder what might have happened. I have spent a lot of time hardening this server and would be quite surprised if it has been compromised. The reason for the apache becoming unresponsive appears to have been caused by a separate machine (an Amazon RDS database node).

On the other hand, this machine is running in a virtualized environment. I suppose anything is possible.

Is it OK for me to change the hostname to something like www.example.com? Should this be done by editing /etc/hostname or by using the hostname command? I believe the original one was assigned by the Amazon EC2 system, but cannot be sure of that. When I instantiate new servers from a machine image based on this server, they appear to have different hostnames that are assigned by the EC2 system. Also, I'm not sure what system processes might be affected when I change the hostname. The default hostnames are also pretty unhelpful when I receive fail2ban or samhain notifications. Lastly, I expect in the near future I may have numerous copies of this virtual machine all serving www.example.com and I'd like to be able to distinguish them.

I'm also wary of assuming a hostname that might cause some kind of network conflict. Unfortunately, I'm not really sure what role the hostname on a particular system plays in the grander scheme of networking. I've noticed that the default hostname style supplied by EC2 for these machines is somewhat different for new machines than when I set up this particular machine a couple of years ago. I'm wondering if hostname must be unique on a LAN or within a particular network? Here's an example of a more recent EC2 hostname:
Perhaps they are using IPv6 on their internal network.

I checked "man hostname" and was unable to find out much. This seemed to be the most informative bit:

post your sanitized /etc/hosts file i from p-11-22-33-44 please.

Also have a look at https://forums.aws.amazon.com/thread...threadID=70081

"hostname -f" fails on every EC2 host I manage.

EIPs do NOT change on instance reboot/restart. Stopping them, yes, bouncing them, no.

"apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName" is non-fatal. An "error" I usually ignore both on and off EC2 hosts.

You can give an EC2 instance a "public IP" but until you edit the Security Group/Port it may not really be "public".

Please let us know.

Thanks for the link. Going now...

It works fine on some of my more recent instances.

EIPs? Bouncing? Can you please clarify?

Yes I'm not concerned about this error -- just a bit confused by the need to check hostname. I'm guessing it tries to report "sudo command by X from host Y" in the auth log file. Wondering why my hosts file contains an IP address that bears no relation to the machine's current ip.

Yes this machine has an elastic IP and has been serving copious amounts of web traffice for about 2 years.

Thanks for your response.