When you launch an instance on EC2, it launches with the default system user account, but if multiple users access it, it's a good idea to use a separate account for each user.
First, prepare a key pair for the new user. It is easy to manage if you create it under Network & Security > Key Pairs on the EC2 dashboard.
After downloading the .pem file locally, get the public key of the key pair.
$ ssh-keygen -y -f /path_to_key_pair/my-key-pair.pem
# The argument to -f is the path of the downloaded .pem file.
The command returns the public key. (I will use it later.)
Add a new user. After connecting over SSH, add the user with the adduser command, then set up the new account.
$ sudo adduser new_user
# Replace new_user with the new account name.
$ sudo su - new_user                # new_user is the username you chose
$ mkdir .ssh                        # Create the .ssh directory
$ chmod 700 .ssh                    # Change permissions on the .ssh directory
$ touch .ssh/authorized_keys        # The file must be named authorized_keys
$ chmod 600 .ssh/authorized_keys    # Change permissions on authorized_keys
Copy and paste the public key you got earlier into authorized_keys.
Check that you can SSH in as the new user.
$ ssh -i /path_to_key_pair/my-key-pair.pem new_user@public_IPv4_DNS
# Replace with the .pem file path, the new account name, and the EC2 instance's IP address or DNS name.
Last login: Sun Nov 1 08:16:38 2020
__| __|_ )
_| ( / Amazon Linux 2 AMI
___|\___|___|
https://aws.amazon.com/amazon-linux-2/
I was able to SSH with my new account.
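The .ssh setup and the copy-and-paste step above, as an added shell example that is not part of the original article: it refuses anything that is not a single public-key line (for example the .pem private key pasted by mistake), applies the 700/600 modes, and appends the key only once. The function names are assumptions made for this example, and it is meant to be run as the new account.

```shell
#!/bin/sh
# Added example (not from the article). Function names are hypothetical.
# Usage on the instance, as the new account (key line is a placeholder):
#   install_pubkey "$HOME" 'ssh-rsa AAAA... my-key-pair' && check_ssh_perms "$HOME"

# Octal mode of a path (GNU stat, with BSD stat as a fallback).
mode_of() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# Accept exactly one line shaped like `ssh-keygen -y` output:
#   <key type> <base64 blob> [comment]
valid_pubkey() {
  [ "$(printf '%s\n' "$1" | wc -l)" -eq 1 ] || return 1
  printf '%s\n' "$1" | grep -Eq \
    '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( .*)?$'
}

# install_pubkey <home_dir> <public_key_line>
install_pubkey() {
  ik_dir=$1/.ssh
  ik_auth=$ik_dir/authorized_keys
  valid_pubkey "$2" || { echo "refusing: not a single public key line" >&2; return 2; }
  mkdir -p "$ik_dir" && chmod 700 "$ik_dir" || return 1
  touch "$ik_auth" && chmod 600 "$ik_auth" || return 1
  # If the file lacks a trailing newline, add one so keys do not run together.
  if [ -s "$ik_auth" ] && [ -n "$(tail -c 1 "$ik_auth")" ]; then
    echo >> "$ik_auth"
  fi
  # Append only if this exact line is absent, so re-running is safe.
  grep -qxF -e "$2" "$ik_auth" || printf '%s\n' "$2" >> "$ik_auth"
}

# check_ssh_perms <home_dir>: succeeds only if the modes match the steps above.
check_ssh_perms() {
  [ "$(mode_of "$1/.ssh")" = 700 ] &&
    [ "$(mode_of "$1/.ssh/authorized_keys")" = 600 ]
}
```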
The newly created user cannot use the sudo command at this point.
$ sudo passwd new_user
Set a password with the command above.
The user can then use the sudo command by entering that password when sudo asks for it.
However, if entering it every time is troublesome, you can add the user to a group that does not require password entry, and sudo then works without the setting above.
$ sudo visudo
#%wheel ALL=(ALL)ALL ← Remove the leading # (uncomment).
%wheel ALL=(ALL) ALL
Uncomment the line above in visudo, and
$ sudo usermod -aG wheel new_user
add the new user to the wheel group.