Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

create an ec2 instance with multiple key pairs

Tags:

ssh

amazon-web-services

ssh-keys

cloud

boto

While creating an ec2 instance, we provide a key pair name.

But generally, I associate multiple ssh public/private keys with any remote server. I know that it's not possible to attach a key pair once the ec2 server has been created. So I would like to know whether it's possible or not to use multiple key pairs while creating an instance.

like image 639
Pattu Avatar asked Jun 25 '14 12:06

Pattu

People also ask

Can you add a key pair to an EC2 instance?

You can use Amazon EC2 to create your key pairs. You can also use a third-party tool to create your key pairs, and then import the public keys to Amazon EC2. Amazon EC2 supports ED25519 and 2048-bit SSH-2 RSA keys for Linux instances. You can have up to 5,000 key pairs per Region.

How do I create a new key pair in Amazon EC2?

To create a key pairOpen the Amazon EC2 console at https://console.aws.amazon.com/ec2/ . In the navigation pane, under Network & Security, choose Key Pairs. On the Key Pairs page, choose Create Key Pair. For Key pair name, type a name that is easy for you to remember, and then choose Create.

Can we use same key pairs with multiple instances?

Bottom line: You can use the same keypair on multiple instances and you can also use multiple keypairs on the same user on an instance. Show activity on this post. Yes, you can use one key pair for multiple EC2 instances. Click the "Launch" button and click "Choose an existing key pair."

Does AWS charge for key pairs EC2?

EC2 key pairs and security groups don't cost a penny.

1 Answers

Unfortunately, it's also not possible to import a key having two entries. Only the first entry is imported into the new key pair.

What you can do is:

Don't use the EC2 key pairs but instead use the user_data field to insert multiple SSH public keys in the /home/<user>/.ssh/authorized_keys file, where <user> is the standard user for your AMI (ubuntu, ec2_user etc.).

You can add user_data to every launching EC2 instance. Consider the following example:

#!/bin/bash echo "ssh-rsa AAAA…" > /home/ubuntu/.ssh/authorized_keys echo "ssh-rsa AAAA…" >> /home/ubuntu/.ssh/authorized_keys chown ubuntu: /home/ubuntu/.ssh/authorized_keys chmod 0600 /home/ubuntu/.ssh/authorized_keys

User data scripts run as root so you don't need to specify sudo.

That way, you could create personalized SSH access keys via tools like Terraform before managing the instances with Ansible or similar.

Note that you don't know what keys are being used by a simple look, though. You'd need access to the machine to check it.

like image 174
Roger Lehmann Avatar answered Sep 24 '22 17:09

Roger Lehmann
Sign in to Comment

Related questions

How to delete a unconfirmed AWS SNS subscription
Can I use AWS Certificate Manager certificates for API Gateway with Custom Domain Name
AWS lambda function stops working after timed out error
What does the dualstack prefix mean in AWS ELB?
s3.getObject().createReadStream() : How to catch the error?
Can't delete AWS internet Gateway
Why every time Elastic Beanstalk issues a command to its instance it always timed out?
Linking Container in AWS Fargate
Is it possible to use AWS as a web host?
Elastic Beanstalk Ruby/Rails need to install git so bundle install works.. but is not
connecting AWS SAM Local with dynamodb in docker
AWS elastic-search. FORBIDDEN/8/index write (api). Unable to write to index
Unable to load AWS credentials from the /AwsCredentials.properties file on the classpath
Amazon Elastic Beanstalk node and npm non-standard install locations
Amazon Web Service can't delete an Elastic Beanstalk environment
How to create folder or key on s3 using AWS SDK for Node.js?
How to delete multiple files in S3 bucket with AWS CLI
Error "uninitialized constant AWS (NameError)"
AWS API Gateway: User anonymous is not authorized to execute API
Cross Account Alias Records

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!