开发者

Allowing additional users to access and EC2 instance

I have set up an Amazon EC2 instance and am able to SSH into it. Can anyone please tell me how I could allow additi开发者_高级运维onal users to SSH into this instance from a different location?

Max.


I started out creating additional users. But it is pointless if you want to give them sudo access anyway. Which you probably do want right? Because giving them sudo acccess gives them access they want to do anyway, so creating their user account was just a waste of time. Additionally creating additional users is an onerous task and leads to a lot of different permissions problems, and means you have to monkey around with the sudoers file to allow them to undertake sudo tasks without entering their password everytime.

My recommendation is to get the new user to provide you with a public key and have them use the primary ubuntu or root account directly:

ssh-keygen -f matthew

And get them to give you the .pub keyfile and paste it into the .ssh/authorized_keys file of your ec2 server.

Then they can login with their private key directly into the ubuntu or root account of your ec2 instance.

I store the authorized_keys file in my private github account. The public keys are not very useful unless you have the private key component so putting it in github seems fine to me. I then put the deployment of my centrally stored authorized_keys file as part of my new server production process.

And then remove the public key from access when they leave your employment. This will lock them out.


  1. Create additional users at a *nix command prompt

    useradd

  2. Create a new rule in the security group which has been applied to your instance, enabling ssh for the public IP Range of your remote user


For specific instructions check out: http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1233.

1. Max.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜