How to create users for your EC2 Instance that can connect securely via ssh

Public and Private Keys for AWS Users





Create a normal user in AWS
sudo adduser username


How to add the user to the sudo group or wheel group
sudo usermod --groups sudo --append username


Allow the user to run sudo commands without being asked for a password (add the username line to /etc/sudoers, edited with sudo visudo)

root    ALL=(ALL)       ALL
username ALL=(ALL) NOPASSWD:ALL



Or you can allow the complete sudo or wheel group. Users in the sudo or wheel group can then run sudo commands without being asked for a password

%wheel ALL=(ALL) NOPASSWD:ALL
%sudo ALL=(ALL) NOPASSWD:ALL


To switch to the user directory

cd /home/username


Run the following command inside the user home directory to generate keys

ssh-keygen -b 4096 -f username -t rsa


To create the .ssh directory under the user's home directory
mkdir .ssh


Give permission to the owner to read, write and execute (700) 
chmod 700 .ssh


To store the public key in the authorized_keys file (after exiting from the username account; sh -c makes the >> redirection run under sudo as well)

sudo sh -c 'cat username.pub >> .ssh/authorized_keys'


So that the owner can read and write to the file

sudo chmod 600 .ssh/authorized_keys


To set the owner of .ssh to username and the group owner to centos

sudo chown username:centos .ssh


To set the owner of authorized_keys to username and the group owner to centos
sudo chown username:centos .ssh/authorized_keys


To copy the user's private key file (username) to /home/centos
sudo cp username /home/centos

OR 

sudo rsync -avr username /home/centos


So that all users can read, write and execute the copied private key file

sudo chmod 777 /home/centos/username


To download the private key file to your local PC (using your local terminal)
scp -i /home/gautamthakur/Download/gautam-demo.pem centos@aws-public-ip:/home/centos/username username


After downloading the private key to the local PC, set its permissions so that the user can read it. (If you set a password when you created the key, provide that password.)
chmod 400 username


To access your AWS server from the local PC
sudo ssh -i private_key_just_created username@you_aws_public_ip


The key that you have created can now be given to the person you want to access your instance.

If you added a password to your key, as in the demo, you also need to give your user that password.
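
The permission steps above (700 on .ssh, 600 on authorized_keys, ownership by the new user, and the temporary 777 copy of the private key) can be checked on the instance with a short script. This is an added example, not part of the original post; it assumes GNU stat as on CentOS, and check_ssh_perms, mode_of, owner_of and report are hypothetical helper names.

```shell
#!/bin/sh
# Added example: audit the permissions this procedure sets up.
# Assumes GNU stat (as on CentOS); the function names are hypothetical.

mode_of()  { stat -c '%a' "$1"; }   # octal mode, e.g. 700
owner_of() { stat -c '%U' "$1"; }   # owning user name

report() { echo "PROBLEM: $*"; problems=$((problems + 1)); }

# check_ssh_perms HOME_DIR
# Prints one line per finding; returns 0 if there are none, 1 otherwise.
check_ssh_perms() {
    home=$1
    problems=0
    want_owner=$(owner_of "$home")

    # .ssh must be 700 and authorized_keys 600, both owned by the account.
    for spec in ".ssh:700" ".ssh/authorized_keys:600"; do
        path=$home/${spec%:*}
        want_mode=${spec#*:}
        if [ ! -e "$path" ]; then
            report "$path is missing"
            continue
        fi
        [ "$(mode_of "$path")" = "$want_mode" ] ||
            report "$path has mode $(mode_of "$path"), expected $want_mode"
        [ "$(owner_of "$path")" = "$want_owner" ] ||
            report "$path is owned by $(owner_of "$path"), expected $want_owner"
    done

    # Private keys left in the home directory (the -f username output, or the
    # copy made for download) must not be accessible to group or others.
    for f in "$home"/*; do
        [ -f "$f" ] || continue
        head -n 1 "$f" 2>/dev/null | grep -q 'PRIVATE KEY-----' || continue
        case "$(mode_of "$f")" in
            0|*00) ;;
            *) report "private key $f has mode $(mode_of "$f")" ;;
        esac
    done

    [ "$problems" -eq 0 ]
}

# Run as a script: sh check_ssh_perms.sh /home/username
if [ "$#" -gt 0 ]; then check_ssh_perms "$1"; fi
```

Run it with sudo so it can read another user's home directory. Pointed at /home/centos, it reports the copied key for as long as that file is still mode 777.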
