Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

EC2 Create new Linux user(s) with their OWN Key Pairs?

In EC2, i spinned a CentOS v6.5 instance, and i got a Key Pair as well (of course). But the problem is, i hoped it would be like as usual before that it would creates the ec2-user user, so that i can use the ec2-user name and login with that key pair.

But now is not. Instead the key is for root directly. And there also is no ec2-user.

So my basic question would be:

  • How to creates each of additional (new) users, (now lets call "michael" as one new user), to be logged in by using their NEWLY generated (own different) key pairs .pem files? (So that "michael" doesn't need to use the Password, but just use it own key pair)
  • Again, another new user with new key-pair again. (Lets say, the user annie)

Note: It would be really appreciable if a simple (straight-forward) step-by-step instruction can be provided.

like image 352
夏期劇場 Avatar asked Sep 22 '14 03:09

夏期劇場


People also ask

How do I create a new key pair for an existing EC2 instance?

To add or replace a key pairConnect to your instance using your existing private key. Using a text editor of your choice, open the . ssh/authorized_keys file on the instance. Paste the public key information from your new key pair underneath the existing public key information.

Can an EC2 instance have multiple key pairs?

You can also use a third-party tool to create your key pairs, and then import the public keys to Amazon EC2. Amazon EC2 supports ED25519 and 2048-bit SSH-2 RSA keys for Linux instances. You can have up to 5,000 key pairs per Region.

Can we use same key pairs with multiple instances?

Bottom line: You can use the same keypair on multiple instances and you can also use multiple keypairs on the same user on an instance. Save this answer.


2 Answers

Create the user:

# useradd michael

Generate a key pair for him:

# ssh-keygen -b 2048 -t rsa -f key -C michael

Above command will create tow files: key and key.pub

Create .ssh directory for michael and copy the .pub file as below:

# su - michael
# mkdir .ssh && cd .ssh
# cat > authorized_keys < key.pub
# chmod 0700 ~/.ssh; chmod 0600 ~/.ssh/authorized_keys

Handover key to michael. This is nothing but the private key. Usually AWS appends .pem to the private keys.

Now michael can login with private key key as below:

ssh -i key michael@<ec2_host_name>
like image 158
slayedbylucifer Avatar answered Nov 09 '22 20:11

slayedbylucifer


The easiest way to achieve this, is during the instance init using cloud-init and user data.

Copy and paste the following script into the User Data field while creating your EC2 instance.

For username, enter the new user's user name. For ssh-rsa AB3nzExample, enter your public key.

#cloud-config
cloud_final_modules:
- [users-groups,always]
users:
  - name: username
    groups: [ wheel ]
    sudo: [ "ALL=(ALL) NOPASSWD:ALL" ]
    shell: /bin/bash
    ssh-authorized-keys: 
    - ssh-rsa AB3nzExample

This can be easily automated if you are using Terraform.

like image 32
Khashayar Avatar answered Nov 09 '22 21:11

Khashayar