Set a new user with password login on AWS EC2 linux Instance
AWS

Set a new user with password login on AWS EC2 linux Instance

Creating a new user on EC2 instance and access it remotely via ssh.


Baraa Abuzaid
Baraa Abuzaid
@baraaabuzaid
Set a new user with password login on AWS...

Login to your elastic compute instance with a private-key each time isn’t quite convenient. So we will change that by creating a new user, set ssh config and enabling password login at our EC2 instance.

# Create new user on EC2 linux instance

First, login into ( SSH ) your EC2 instance with default username which is ec2-user using your private-key file that has the extension (.pem)

# follow the following pattern replace with your own private key and DNS
# ssh -i "./my-private-key.pem" ec2-user@<YOUR_PUBLIC_DNS>

# Example 
ssh -i "./my-private-key.pem" ec2-user@169.254.169.254.compute-2.amazonaws.com

know we’ve access to our EC2 instance let’s create a new user and call him joe.

# create new user joe
$ sudo useradd -c "joe" -m joe

# set the password 
$ echo "pass12345" | sudo passwd --stdin joe

# grant him a sudo privilege by assign it to the root group
$ sudo usermod -aG wheel joe
# switch to joe account
$ su - joe

 

# Set the new-user SSH config

Configure ssh for the new user account

# make sure you are in the joe directory I.E /home/joe
# create a .ssh directory in the joe home directory
$ mkdir .ssh

# set the correct permission at .shh directory 
$ chmod 700 .ssh

store our public-key inside .ssh directory

#create file inside .ssh directory to store the public key 
$ touch .ssh/authorized_keys

# set user read/write permission at authorized_keys file 
$ chmod 600 .ssh/authorized_keys

# Retreive the public key from a PEM certificate

Now we added a new user to EC2 instance. let’s jump back to our local machine to retrieve the    public-key from the private-key file (my-private-key.pem).
using Linux/MacOs fire ? up the terminal and type

$ ssh-keygen -y -f /path_to_key_pair/my-key-pair.pem

# I.E result 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE

For windows users

Invoke-RestMethod -uri  http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

Great! ? now we attained the public-key. We can ssh back to the EC2 instance and switch to Joe account. Navigate to /home/joe directory and copy the public-key to the .ssh/authorized_keys file. But, before editing the file using vim, just make sure you know how to exit :wq! ?

# In the directory  /home/joe
$ vim .ssh/authorized_keys 

# Enable SSH password Authentication

One last step remain, Changing the config file allowing password login. so we edit sshd_config and set PasswordAuthentication yes.

# open sshd_config then set PasswordAuthentication yes 
$ vim /etc/ssh/sshd_config
$ sudo service sshd restart

Exit the SSH and then login to test the password authentication.

Show Comments (1)

Comments

  • Buckinghamshire
    Buckinghamshire

    open architecture

    • Article Author
    • Reply

Related Articles

Coding Identity Matrix in Python
General

Coding Identity Matrix in Python

Basically, the identity matrix is a matrix of zero elements except for the main diagonal elements is set to one. a more formal definition could be written as A matrix I ∈...

Posted on by Baraa Abuzaid
Valid Sudoku
General

Valid Sudoku

So this article is about validating a fun logic game called sudoku. Sudoku board is consists of 9×9 gird, which contains 3×3 subgrids.The objective is to fill a 9×9 grid...

Posted on by Baraa Abuzaid