We have an AWS EC2 instance running Linux (Amazon Linux release 2 (Karoo)) and Wordpress. Currently everyone at our company SSH's to this server with a wordpress.pem file (the below line is just saved in a batch file we connect with):
ssh -i %userprofile%\documents\ssh\wordpress.pem [email protected]
We have a contractor who needs access to both our Wordpress site AND SSH access to the Linux box. I am not very familiar with Linux, so I am wondering if anyone knows of a website or video that explains (hopefully with explicit instructions) how to set up access for a user so we don't have to give them our .pem file. At the moment I have no idea what to do. Adding a user in the Wordpress GUI is self-explanatory... not so much on the Linux side though.
If I open Putty and try to connect to the IP, it will ask for a username but when I enter ec2-user, I get this:
Thanks in advance!
You can add the contractor's public key to the authorized_keys file on your server. The exact location might vary on your EC2 machine but normally you can find it at ~/.ssh/authorized_keys. The public key will look something like this:
Then you just need to open a text editor (e.g. nano, vim) on your EC2 machine and paste the public key into the authorized_keys file I mentioned above.
I would create the contractor a new Linux user and set them up with an ssh key. I documented how I did this in Amazon Linux 1 here, but once you understand the concept I suggest you search for a more recent resource that is meant for AL2.
Well, I think I finally figured it all out. The only thing I anticipate having to do now is make the test-user an admin of the instance so they can install stuff. Here are the steps.
After you've created your Amazon Linux instance and downloaded the original .pem file for it...
In AWS EC2, go to Key Pairs and click Create Key Pairs, give it a name, choose pem format and click the Create key pair button. It will automatically download the pem file. SAVE IT!
Then, SSH to your new Amazon Linux instance with the original .pem file you downloaded when you created the instance. To do so, open CMD prompt and enter the following and press ENTER (replacing /path/new_key_pair.pem with the path of your pem file, and 54.123.123.123 with your actual public IP):
ssh -i /path/new_key_pair.pem [email protected]
Then issue the following commands:
sudo su
sudo adduser test-user
sudo su - test-user
mkdir .ssh
chmod 700 .ssh
touch .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
Since the video (https://youtu.be/khPGZYh73fo) assumes everyone's on a Mac or Linux, I had to find out how to obtain the public key on Windows:
Copy everything in the output window (except for "imported-openssh-key" at the very end).
Back in your SSH session, open the authorized_keys file and paste in the public key you copied from PuTTYgen:
nano .ssh/authorized_keys
Paste public key (by right-clicking anywhere in the window) and save file (CTRL+X then Y then ENTER)
Send .pem file to contractor. They can now open a CMD prompt and enter the following to SSH in as the new user:
ssh -i /path/new_key_pair.pem [email protected]
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/new-user-accounts-linux-instance/
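Added example (not part of any post in this thread): a shell helper for the step both answers rely on, putting a contractor-supplied public key into ~/.ssh/authorized_keys with the 700/600 modes used in the steps above, while refusing anything that is not a single public key line. The function names and the sample key are constructed for illustration; run it as the target user (for example after `sudo su - test-user`) so the files are owned by that account.

```shell
#!/bin/sh
# Constructed sample key line for illustration; not a real key.
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVkLXNhbXBsZS1rZXktbm90LXJlYWw contractor@example'

# valid_pubkey LINE: true only for one line of "<type> <base64> [comment]".
valid_pubkey() {
    nl='
'
    case "$1" in
        *"$nl"*) return 1 ;;          # more than one line
        *"PRIVATE KEY"*) return 1 ;;  # someone pasted the private half
    esac
    printf '%s\n' "$1" | grep -Eq \
        '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( .*)?$'
}

# install_pubkey HOME_DIR LINE: returns 0 on success, 2 if the line is rejected.
install_pubkey() {
    home_dir=$1
    key=$2
    valid_pubkey "$key" || { echo "rejected: not a public key line" >&2; return 2; }
    ssh_dir=$home_dir/.ssh
    auth=$ssh_dir/authorized_keys
    # Same modes as the manual steps: directory 700, key file 600.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # Append only if this exact line is not already present (safe to re-run).
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# perms_ok HOME_DIR: true when .ssh is exactly 700 and authorized_keys exactly 600.
perms_ok() {
    [ -n "$(find "$1/.ssh" -maxdepth 0 -perm 700)" ] &&
    [ -n "$(find "$1/.ssh/authorized_keys" -maxdepth 0 -perm 600)" ]
}

# Usage, as the new user: install_pubkey "$HOME" "$(cat contractor_key.pub)"
```

With this approach the contractor generates the key pair on their own machine and sends only the public line, so no private key file has to be passed around.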