Best practice for managing AWS SSH .pem files within team [duplicate]

ssh amazon-web-services amazon-ec2

You should not be sharing these keys. Period.

Each user should generate their own SSH keypair and their public key should be deployed to each system they need access to. Private keys are named as they are for a reason - they should be private to each user, generated by them, protected with a passphrase, and kept in a secure location on that user's workstation. Even with a fully-trusted team, using shared credentials goes against every best practice out there (for a variety of reasons).

When you start using per-user keys, both of your other issues go away.

Additionally, to avoid the stupid dual-ssh rigamarole, just put the following in your users ssh config:

Host internal-host.example.com 
  Hostname internal-host.example.com 
  User ubuntu
  IdentityFile ~/.ssh/id_rsa
  ProxyCommand ssh bastion-host.example.com nc %h %p 2> /dev/null

After doing this, your users will be able to run a single command to connect directly to the internal host, e.g. $ ssh internal-host.example.com.

Related

Easy way to rename all files in a directory in Windows [closed]
How to secure phpmyadmin?
Can I automatically ROUTE ADD xxxx after i make a VPN connection in Windows 7?
Add daemon account on OS X
When would you use the "password never expires" option?
My server Admin wants me to set public write permissions on a directory
Setup for high availability virtualized environment
How can I move my deploy key into vagrant?
How can I install MySQL 5.7.9 to Ubuntu 14.04?
Hidden commands on Windows
Comparison of Unix shells
Group of elevators in a building