Thursday, December 24, 2015

To let other different users login to Amazon's EC2 instance

Solution 1:

# vim /etc/ssh/sshd_config

PasswordAuthentication = yes

# systemctl restart sshd.service

Solution 2:

Add a new user:

# useradd testuser -m -c 'test user'

Switch to the new account so that newly created files have the proper ownership:

# sudo su - testuser

$ mkdir ~/.ssh

$ chmod 700 ~/.ssh

Note: this step is very important; without these exact file permissions, you will not be able to log into this account using SSH.

$ touch ~/.ssh/authorized_keys

$ chmod 600 ~/.ssh/authorized_keys

Login to Amazon Web Services console. Then, go to EC2 and create a new key pair: machineName_userName.

It will generate a machineName_userName.pem file for you to download.

Upload machineName_userName.pem to your Linux instance.

Change the permission of the machineName_userName.pem:

# chmod 400 machineName_userName.pem

Retrieving the Public Key for Your Key Pair on Linux:

# ssh-keygen -y

When prompted to enter the file in which the key is, specify the path to your .pem file; for example:

/path_to_key_pair/machineName_userName.pem

The command returns the public key:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE

Edit the authorized_keys file with your favorite text editor and paste the public key for your key pair into the file:

# sudo su - testuser

$ vim ~/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE

Remove the private key from the server if you do not need it anymore:

# rm /path_to_key_pair/machineName_userName.pem

Reference:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-users.html
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#how-to-generate-your-own-key-and-import-it-to-aws

No comments: