How do I add new user accounts with SSH access to my Amazon EC2 Linux instance?

unix ssh amazon-ec2 centos ssh-keys

8,350

Solution 1

Add the newly created user in /etc/ssh/sshd_config as mentioned below. It's also working fine.

AllowUsers root new_user

AllowGroups root new_user

Solution 2

SSH to your EC2 Instance as standard ec2-user

sudo adduser -m testuser
sudo su - testuser
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
chmod 600 .ssh/authorized_keys

On your local pc, if you don't have them already, generate rsa keys (always give enter on default options)

ssh-keygen -t rsa
cat ~/.ssh/id_rsa.pub

Copy the output (something like this)

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTvTnCzaaIPChWXgvxlyswcNzzTjlYUcfNExm6zGGJRtEcjvHMpV6vg9XMOb9ZgRNhgpWQqitQ9yLy+mjznDerfuK9RsEIdu5wb7uVFXs6TGHy8b9sqid0PH6PYuWiZ1/pA6cRrtQudeqlZuVV5wyimPFKZONW3v+BOp+AtIvChPhZI+rWn0T3vxi2NTHfdqW93VqsQ7ReEkzd1RGxJZ+1X0kADmCJKjwAoju0DvvVz3/xdsc2UT3rjRsUTxDR1bH4GBQr7U1pwCGAqZqvEl72TLpUdWRECG42qIPsut95c237gtzkwlU7iAOeiPWJduMV/bPxXnrB/YqF+XwRMuiz testuser@testEC2

and paste into the .ssh/authorized_keys of your testuser of testinstance (using vi or nano or whatever)

from your client ssh to your ec2

ssh [email protected]

This will work. I don't really get the Amazon way of sharing and setting up pem keys. I think it is easier for their automated systems but not for sysadmins. You can use your public key that way on all the servers you need to admin.

8,350

Venkatesh Kuppusamy

Hi, I'm a python developer with Bachelor degree in electronics and communication from SRM Easwari Engineering college and having 6+ years of experience in software development. I'm a backend developer and experienced to build python code in AWS services such as EC2, ELB, ASG, RDMS, CLoudwatch,...etc. I have working experience in MVC framework in python django, and have been involved maintaining source code in github. I'm also worked in bigdata project. I have good exposure in Machine Leaning (Supervised and Unsupervised Leaning).

Updated on September 18, 2022

Comments

Venkatesh Kuppusamy over 1 year

I'm trying to access new user which is created in AWS instance using SSH, but it throws an error when i execute the command ssh -i new_keypair.pem [email protected]

Error : Permission denied (publickey,gssapi-keyex,gssapi-with-mic)..

I followed each and every steps as mentioned in AWS document https://aws.amazon.com/premiumsupport/knowledge-center/new-user-accounts-linux-instance/

Please Let me know is there any additional configurations are required to access newly added user using SSH..
Federico Galli almost 7 years

Please note : AllowUsers -- This keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for user names that match one of the patterns. And that the allow/deny directives are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
SmallChess about 5 years

-m is not needed. Please remove it.
Federico Galli about 5 years

@SmallChess as a home dir is necessary to add .ssh directory and files, I think it's ok to create it with explicit -m