SSH into AWS without pem file. Must know user management on AWS.

Abhishek Honey
Feb 8, 2021

I always wanted to know how to manage multiple users on AWS without sharing the PEM file.

The best practice is to never share the .pem file while still allowing multiple users to log in to the AWS console.

Linux user management has stood the test of time, so we should rely on it rather than re-invent the wheel.

Now we will add a new user god to the AWS Linux AMI EC2 instance and then log in as the user god. We will do it in 3 steps for MacBook users.

Step 1: Generate a public and private key.

In this step, we will generate a public and private key for the client (laptop, desktop). We will be able to log in using this client only.

  • Run the following command in your mac console.

Note: Please install ssh-keygen if not already installed.

ssh-keygen -f ~/.ssh/god
  • The above command generates a private and a public key for you inside the ~/.ssh directory. The public key will be ~/.ssh/god.pub and the private key will be ~/.ssh/god.
  • Copy the content of the public key, we will paste it later in the AWS Linux instance.
cat ~/.ssh/god.pub

Step 2: Add the config

In this step, we will add the config to help the ssh command identify the properties that it should use.

  • Open your config file.
vi ~/.ssh/config
  • Add the below lines to the config file.

Note: HostName is the public IP address of the AWS Linux instance.

Host  godsAws
HostName 199.213.178.104
User god
IdentityFile ~/.ssh/god

Step 3: Add a Linux user.

You can also refer to the link for more details.

  • Log in to EC2 AWS Linux instance. (Normal login)
  • Paste the below lines in the AWS EC2
sudo adduser god
sudo su - god
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
vi .ssh/authorized_keys

Now paste the output of cat ~/.ssh/god.pub into the authorized_keys file and do not forget to add the username at the end.

ssh-rsa HUIHHKKBAAB3Nhuhuc2EAAAADAioioioiABgQCl… god

As many users as you like can be added and they will be able to connect with the EC2 AWS Linux instance without the pem file.
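
The manual steps of Step 3, as a repeatable script for adding further keys (an added example, not part of the original post). install_key is a hypothetical helper name, and the usage line assumes the public key file god.pub has been copied to the instance.

```shell
#!/bin/sh
# Added example, not from the original post. install_key is a hypothetical
# helper; run it on the instance as the new user, for example:
#   install_key "$HOME" "$(cat god.pub)"
# The body runs in a subshell "( )" so umask and set -f do not leak out;
# "exit" therefore ends only the function call.
install_key() (
  home_dir=$1
  key_line=$2
  auth="$home_dir/.ssh/authorized_keys"
  nl='
'
  # Exactly one line: a pasted blob must not carry a second key.
  case $key_line in
    *"$nl"*) echo "refusing multi-line input" >&2; exit 1 ;;
  esac

  # Fields are: key type, base64 blob, optional comment (the user name).
  set -f
  set -- $key_line
  key_type=${1:-}
  blob=${2:-}

  # The key type must come first, so a line that starts with
  # authorized_keys options such as command="..." is rejected.
  case $key_type in
    ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521) ;;
    *) echo "unexpected key type: $key_type" >&2; exit 1 ;;
  esac

  # Format check only; it does not prove the blob is a valid key.
  if ! printf '%s\n' "$blob" | grep -Eq '^[A-Za-z0-9+/]+={0,2}$'; then
    echo "key blob is not base64" >&2
    exit 1
  fi

  # Same permissions as the manual steps: 700 on .ssh, 600 on the file.
  umask 077
  mkdir -p "$home_dir/.ssh" && chmod 700 "$home_dir/.ssh" || exit 1
  touch "$auth" && chmod 600 "$auth" || exit 1

  # Append only if this exact line is not already present.
  grep -qxF -- "$key_line" "$auth" || printf '%s\n' "$key_line" >>"$auth"
)
```

Running it twice with the same key leaves a single entry, so it is safe to re-run when onboarding users.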

Now finally to connect:

ssh godsAws

Yey…. Now you should enjoy it.

You can also create a user group and a lot more. Will be writing a blog about it in the future.😎
