Set a new user with password login on AWS EC2 linux Instance

Creating a new user on EC2 instance and access it remotely via ssh.


Baraa Abuzaid
@baraaabuzaid

Logging in to your Elastic Compute instance with a private key each time isn’t quite convenient. So we will change that by creating a new user, setting up its SSH config and enabling password login on our EC2 instance.

# Create a new user on an EC2 Linux instance

First, log in (SSH) to your EC2 instance with the default username, which is ec2-user, using your private-key file that has the .pem extension.

# follow this pattern, replacing the key path and DNS name with your own
# ssh -i "./my-private-key.pem" ec2-user@<YOUR_PUBLIC_DNS>

# Example 
ssh -i "./my-private-key.pem" ec2-user@169.254.169.254.compute-2.amazonaws.com

Now that we have access to our EC2 instance, let’s create a new user and call him joe.

# create new user joe
$ sudo useradd -c "joe" -m joe

# set the password 
$ echo "pass12345" | sudo passwd --stdin joe

# grant him sudo privileges by adding him to the wheel group
$ sudo usermod -aG wheel joe
# switch to joe account
$ su - joe

 

# Set the new-user SSH config

Configure SSH for the new user account.

# make sure you are in joe's home directory, i.e. /home/joe
# create a .ssh directory in the joe home directory
$ mkdir .ssh

# set the correct permission on the .ssh directory
$ chmod 700 .ssh

Store our public key inside the .ssh directory.

# create a file inside the .ssh directory to store the public key
$ touch .ssh/authorized_keys

# set user read/write permission on the authorized_keys file
$ chmod 600 .ssh/authorized_keys

# Retrieve the public key from the PEM private key

Now that we have added a new user to the EC2 instance, let’s jump back to our local machine to retrieve the public key from the private-key file (my-private-key.pem).
On Linux/macOS, fire up the terminal and type:

$ ssh-keygen -y -f /path_to_key_pair/my-private-key.pem

# Example result
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClKsfkNkuSevGj3eYhCe53pcjqP3maAhDFcvBS7O6V
hz2ItxCih+PnDSUaw+WNQn/mZphTk/a/gU8jEzoOWbkM4yxyb/wB96xbiFveSFJuOp/d6RJhJOI0iBXr
lsLnBItntckiJ7FbtxJMXLvvwJryDUilBMTjYtwB+QhYXUMOzce5Pjz5/i8SeJtjnV3iAoG/cQk+0FzZ
qaeJAAHco+CY/5WrUBkrHmFJr6HcXkvJdWPkYQS3xqC0+FmUZofz221CBt5IMucxXPkX4rWi+z7wB3Rb
BQoQzd8v7yeb7OzlPnWOyN0qFU0XA246RA8QFYiCNYwI3f05p6KLxEXAMPLE

For Windows users

# this queries the instance metadata service, so it only returns a key when run on an EC2 instance
Invoke-RestMethod -uri  http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

Great! Now we have obtained the public key. We can SSH back into the EC2 instance and switch to the joe account. Navigate to the /home/joe directory and copy the public key into the .ssh/authorized_keys file. But before editing the file using vim, just make sure you know how to exit: :wq!

# In the directory  /home/joe
$ vim .ssh/authorized_keys 

# Enable SSH password Authentication

One last step remains: changing the config file to allow password login. So we edit sshd_config and set PasswordAuthentication yes.

# open sshd_config (root is needed to save it), then set PasswordAuthentication yes
$ sudo vim /etc/ssh/sshd_config
$ sudo service sshd restart

Exit the SSH session and then log in again to test the password authentication.
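
sshd uses the first value it finds for a keyword and lets a matching Match block override the global section, so a PasswordAuthentication yes line added below an existing no has no effect, and password login can be limited to joe instead of being opened for every account. The script below is an added example, not part of the original article: it models those two rules over constructed sample configs, and the function names and samples are hypothetical.

```bash
# Added example: report the PasswordAuthentication value sshd would apply.
# Rules modelled: keywords are case-insensitive, the first value found for a
# keyword wins, and a matching Match block overrides the global section.
# Assumptions: Include files are not followed; only "Match all" and
# "Match User name1,name2" (exact names, no patterns) are evaluated.

# effective_password_auth CONFIG_FILE [USER] -> prints "yes" or "no"
effective_password_auth() {
  awk -v user="${2:-}" '
    NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
    { sub(/[ \t]*=[ \t]*/, " "); key = tolower($1); val = tolower($2) }
    key == "match" {
      in_match = 1; applies = (val == "all")
      if (val == "user") {
        n = split($3, names, ",")
        for (i = 1; i <= n; i++) if (names[i] == user) applies = 1
      }
      next
    }
    key == "passwordauthentication" {
      if (!in_match && global == "") global = val      # first global value wins
      if (in_match && applies && matched == "") matched = val
    }
    END {   # a matching Match block beats the global value; upstream default is yes
      print (matched != "" ? matched : (global != "" ? global : "yes"))
    }
  ' "$1"
}

# Constructed sample 1: "yes" appended below an existing "no" line (ignored by sshd).
sample_appended() {
  printf '%s\n' '# constructed sample' 'PasswordAuthentication no' \
    'PermitRootLogin no' 'PasswordAuthentication yes'
}

# Constructed sample 2: passwords stay off globally and are enabled for joe only.
sample_scoped() {
  printf '%s\n' 'PasswordAuthentication no' 'Match User joe' \
    '    PasswordAuthentication yes'
}

# check_sample SAMPLE_FUNCTION [USER]: run the parser over a constructed sample
check_sample() {
  tmp=$(mktemp)
  "$1" > "$tmp"; effective_password_auth "$tmp" "${2:-}"; rm -f "$tmp"
}

echo "appended yes, joe:       $(check_sample sample_appended joe)"     # -> no
echo "scoped config, joe:      $(check_sample sample_scoped joe)"       # -> yes
echo "scoped config, ec2-user: $(check_sample sample_scoped ec2-user)"  # -> no
```

On the instance itself, `sudo sshd -t` checks the edited file for syntax errors before the restart, and `sudo sshd -T` prints the configuration sshd actually applies.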
