*: Edit =/usr/libexec/condor/condor-annex-ec2= so that it _only_ sets =EC2PublicIP= and =EC2InstanceID=: remove from after the "Annex-specific code begins here" comment (line 103) all the way down to =echo "done."= (line 252); leave that line but remove next line and change the return to return 0.
*: Run {term}condor_store_cred -c add -f `condor_config_val SEC_PASSWORD_FILE`{endterm} as root to create the pool password file. Make sure the password file is owned by root and has 600 permissions afterwards.
*: Then copy the pool password file to =~ec2-user/.condor= and chown it to that user; then edit =~ec2-user/.condor/user_config= to point to it; this allows =condor_annex= to copy the pool password file to the new instances.
+
+----
+
+You should now have an Condor-in-the-Cloud seed instance. Convert to an AMI in the usual way.
+
+The following, if copied and pasted into a terminal window just before you hit 'create image', makes the image more suitable for general usage: it turns off bash history, clears the bash history, and removes the bash history file; it also removes (all?) HTCondor history files, so the AMI's HTCondor starts up with a clean state; and then cleans up the root and current user's SSH keys and known hosts, and also root's bash history.
+
+{term}
+set +o history
+history -c
+rm -fr ~/.bash_history
+sudo rm -fr /var/log/condor/*
+sudo rm -fr /var/run/condor/*
+sudo rm -fr /var/lock/condor/InstanceLock
+sudo rm -fr /var/lib/condor/execute/*
+sudo rm -fr /var/lib/condor/spool/*
+sudo rm -fr /etc/condor/config.d/49ec2-instance.config
+sudo rm -fr /etc/condor/config.d/password_file.pl
+sudo /bin/sh -c 'rm -fr ~/.bash_history'
+sudo /bin/sh -c 'rm -fr ~/.ssh/authorized_keys'
+sudo /bin/sh -c 'rm -fr ~/.ssh/known_hosts'
+rm -fr ~/.ssh/authorized_keys
+rm -fr ~/.ssh/known_hosts
+{endterm}
