Home / server / Questions / 958902
Accepted
fatal_error
Asked: 2019-03-19 21:19:11 +0800 CST

How do I create a user and add an SSH key on an EC2 instance?

  • 772

I can ssh into a remote EC2 instance with ec2-user and the keypair in the EC2 account with root(sudo) privileges.

How can I manually create another non-ec2-user user account, add an SSH key, and add sudo permissions to that user?

linux

1 Answers

  1. Best Answer

    Create the user account

    First, create the user account using the standard Linux/UNIX useradd command:

    NEWUSER='newusername'
SSHPUBKEY='ssh-ed25519 AAAA..xyz jamieson@desktop'
sudo useradd -m $NEWUSER

    Add the SSH public key to that user's authorized_keys file

    It's critical to chown the directory back to the user, or the SSH daemon will reject the file that's owned by root and not $NEWUSER. (Another way to do this is to use ssh-copy-id, but this way can be done in the same login session.)

    sudo mkdir /home/$NEWUSER/.ssh/
echo "$SSHPUBKEY" | sudo tee -a /home/$NEWUSER/.ssh/authorized_keys >/dev/null
sudo chown -R $NEWUSER:$NEWUSER /home/$NEWUSER/.ssh

    Set up sudo permissions for that user

    This uses the standard /etc/sudoers.d directory (found in all major distributions) to add sudo permissions with an "ALL" role to the user account.

    echo "$NEWUSER ALL=(ALL) NOPASSWD: ALL" | sudo tee "/etc/sudoers.d/$NEWUSER" >/dev/null

    (Disclaimer: I wrote the first release of a tool that automates this at Userify.)

    • 0