EC2: Creating pem files for external users

ssh-keys amazon-ec2

I'm fairly new to this. I'm running a bunch of EC2 machines and when creating my AWS Account i got my own .pem file in order to connect to my machines for which I have full access rights, etc.

As I'm working with freelancers and developers I want to give them full access rights for a specific instance without of course sharing my very own .pem file.

What is the easiest and best/pragmatic way to do that. What are the steps and are the freelance developers then also be able to fully connect to the machine with read/write access to everything on this instance?

Thanks for your feedback in advance, Matt


Create a user on your EC2 instance, then generate them a key. Grant that user permissions to access whatever they need access to.

I have a tutorial on creating an EC2 user with a certificate. In short

Create the user

sudo su
sudo useradd -m fred
passwd fred

Create the key

su fred
cd ~
ssh-keygen -f rsa

mkdir .ssh

touch .ssh/authorized_keys
chmod go-w ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

cat fred.pub >> /home/fred/.ssh/authorized_keys

Allow the user to log in

vi /etc/ssh/sshd_config
PasswordAuthentication no
AllowUsers ec2-user fred

Send the private key to the user securely.

Related

Tune Linux & Nignx to handle 10k Connections @10Gbps Server
Dell Compellent clock skew too great
How to start containerd as a service after yum install?
grub rescue on Ubuntu 18.04 with btrfs partition
How do online games send UDP packets across the internet?
OpenVPN TLS handshake failing - what ELSE could it be?
Upgrade from centoS 6.10 to what OS for OTRS/Znuny?
AWS - ssh to instance in private subnet
Disk2vhd : error during copy. The error could not be performed due to an I/O error
Mails not received when using Cloudflare DNS and Cpanel server [closed]
AWS VPC Design issue - CIDR conflicts
How can I find which kubernetes certificate has expired?