AWS EC2 Linux - how to grant contractor SSH access

We have an AWS EC2 instance running Linux (Amazon Linux release 2 (Karoo)) and WordPress. Currently everyone at our company SSHes to this server with a wordpress.pem file (the line below is just saved in a batch file we connect with):

ssh -i %userprofile%\documents\ssh\wordpress.pem [email protected]

We have a contractor who needs access to both our WordPress site AND SSH access to the Linux box. I am not very familiar with Linux, so I am wondering if anyone knows of a website or video that explains (hopefully with explicit instructions) how to set up access for a user so we don't have to give them our .pem file. At the moment I have no idea what to do. Adding a user in the WordPress GUI is self-explanatory... not so much on the Linux side though.

If I open PuTTY and try to connect to the IP, it will ask for a username, but when I enter ec2-user, I get this:

[image]

Thanks in advance!


Solution 1:

You can add the contractor's public key to the authorized_keys file on your server. The exact location might vary on your EC2 machine but normally you can find it at ~/.ssh/authorized_keys.

The public key will look something like this:

ssh-rsa <base64-encoded key data> contractor

Then you just need to open a text editor (e.g. nano, vim) on your EC2 machine and paste the public key into the authorized_keys file I mentioned above.

Solution 2:

I would create a new Linux user for the contractor and set them up with an SSH key. I documented how I did this in Amazon Linux 1 here, but once you understand the concept I suggest you search for a more recent resource that is meant for AL2.
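
The script below is an added example, not part of either answer. It combines the two suggestions: it creates a separate account for the contractor and installs only their public key, so the shared wordpress.pem never leaves the company and the contractor's access can be removed on its own. The account name `contractor` and the key path are placeholders; run it as root on the instance.

```sh
#!/bin/sh
# Added example. Usage (as root): sh add_ssh_user.sh contractor /tmp/contractor.pub
# The .pub file is the PUBLIC key the contractor sends you; they keep the private half.

# Succeeds only for a single line shaped like "<type> <base64> [comment]".
# Rejects private keys and multi-line files pasted by mistake.
is_public_key() {
    [ "$(printf '%s\n' "$1" | wc -l)" -eq 1 ] || return 1
    printf '%s\n' "$1" | grep -Eq \
        '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$'
}

# install_key HOME_DIR PUBKEY_FILE
# Appends the key to HOME_DIR/.ssh/authorized_keys with the permissions sshd
# expects (700 on the directory, 600 on the file). Safe to run more than once.
install_key() {
    home=$1 keyfile=$2
    key=$(cat "$keyfile") || return 1
    is_public_key "$key" || { echo "not a public key: $keyfile" >&2; return 2; }
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || return 1
    auth="$home/.ssh/authorized_keys"
    touch "$auth" && chmod 600 "$auth" || return 1
    # Skip the append if this exact key line is already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# Only acts when called with both arguments.
if [ "$#" -eq 2 ]; then
    user=$1
    # Create the account (with a home directory) if it does not exist yet.
    id "$user" >/dev/null 2>&1 || useradd -m "$user"
    home=$(getent passwd "$user" | cut -d: -f6)
    # sshd ignores authorized_keys unless the account itself owns it.
    install_key "$home" "$2" && chown -R "$user:" "$home/.ssh"
fi
```

The contractor then connects as `contractor` with their own private key. Deleting their line from that account's authorized_keys, or removing the account, revokes access without touching ec2-user.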