On the local machine, get the public key for later use (a new key pair is generated only if one does not already exist):
$ test -f ~/.ssh/id_rsa.pub || ssh-keygen -t rsa -C "me@example.com"; cat ~/.ssh/id_rsa.pub
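On the remote EC2 instance, create a new user and add the new user to the sudo group:
# useradd USER_NAME -m -s /bin/bash -c 'admin user' && usermod -aG sudo USER_NAME
# visudo
Add one of the following lines:
%sudo ALL=(ALL:ALL) NOPASSWD: ALL
or
USER_NAME ALL=(ALL) NOPASSWD: ALL
Switch to the new user, create ~/.ssh with the correct permissions, and paste the public key from the local machine into authorized_keys:
# sudo su - USER_NAME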
$ mkdir ~/.ssh \
&& chmod 700 ~/.ssh \
&& touch ~/.ssh/authorized_keys \
&& chmod 600 ~/.ssh/authorized_keys \
&& vim ~/.ssh/authorized_keys
On the local machine:
$ ssh -i ~/.ssh/id_rsa -p 22 USER_NAME@1.2.3.4
or
$ mosh --ssh="ssh -i ~/.ssh/id_rsa -p 22" USER_NAME@1.2.3.4
Solution 2:
# vim /etc/ssh/sshd_config
PasswordAuthentication = yes
# systemctl restart sshd.service
Solution 3:
Add a new user:
# useradd testuser -m -c 'test user'
Switch to the new account so that newly created files have the proper ownership:
# sudo su - testuser
$ mkdir ~/.ssh
$ chmod 700 ~/.ssh
Note: this step is very important; without these exact file permissions, you will not be able to log into this account using SSH.
$ touch ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/authorized_keys
Log in to the Amazon Web Services console. Then, go to EC2 and create a new key pair: machineName_userName.
It will generate a machineName_userName.pem file for you to download.
Upload machineName_userName.pem to your Linux instance.
Change the permissions of machineName_userName.pem:
# chmod 400 machineName_userName.pem
Retrieve the public key for your key pair on Linux:
# ssh-keygen -y
When prompted to enter the file in which the key is, specify the path to your .pem file; for example:
/path_to_key_pair/machineName_userName.pem
The command returns the public key:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE
Edit the authorized_keys file with your favorite text editor and paste the public key for your key pair into the file as a single line:
# sudo su - testuser
$ vim ~/.ssh/authorized_keys
Remove the private key from the server if you do not need it anymore:
# rm /path_to_key_pair/machineName_userName.pem
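The permissions set in the steps above, and the requirement that each authorized_keys entry sits on one line, can be checked with a short script. This is an added example, not part of the original post or the AWS documentation; the function name audit_ssh_dir is hypothetical and GNU stat (as found on a Linux EC2 instance) is assumed.

```shell
#!/bin/sh
# Added example. audit_ssh_dir is a hypothetical helper; GNU stat is assumed.
# Prints one finding per line and returns the number of findings (0 = clean).
audit_ssh_dir() {
    dir=$1
    keys="$dir/authorized_keys"
    findings=0

    # Modes set in the steps above: 700 on ~/.ssh, 600 on authorized_keys.
    for spec in "$dir:700" "$keys:600"; do
        path=${spec%:*}
        want=${spec##*:}
        if [ ! -e "$path" ]; then
            echo "MISSING $path"
            findings=$((findings + 1))
            continue
        fi
        have=$(stat -c '%a' "$path")
        if [ "$have" != "$want" ]; then
            echo "MODE $path is $have, expected $want"
            findings=$((findings + 1))
        fi
    done
    [ -f "$keys" ] || return "$findings"

    # Each entry must sit on one line: [options] key-type base64 [comment].
    # A key pasted with line wraps leaves base64-only continuation lines,
    # which are flagged here.
    type_re='ssh-(rsa|ed25519|dss)|ecdsa-sha2-[a-z0-9-]+|sk-[a-z0-9@.-]+'
    entry_re="(^|[[:space:]])($type_re)[[:space:]]+[A-Za-z0-9+/]+=*([[:space:]]|\$)"
    lineno=0
    while IFS= read -r line || [ -n "$line" ]; do
        lineno=$((lineno + 1))
        case $line in
            '' | '#'*) continue ;;
        esac
        if ! printf '%s\n' "$line" | grep -Eq "$entry_re"; then
            echo "KEYLINE $keys:$lineno is not a complete key entry"
            findings=$((findings + 1))
        fi
    done < "$keys"
    return "$findings"
}

# Usage: audit_ssh_dir /home/testuser/.ssh
```

Run it as root or as the account owner after editing authorized_keys; a non-zero exit status is the number of findings printed.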