
How to add SSH users in Amazon Linux

Priya Benade May 20, 2013


What Is SSH?

Secure Shell (SSH) is a secure method of connecting remotely to another server. By default, SSH listens for connections on port 22, and its daemon service is sshd. The SSH server configuration file is located at /etc/ssh/sshd_config and holds additional settings such as the listening port and the location of the keys exchanged between the client and the server.

To configure SSH on Amazon Linux, follow these steps:

  1. Install the openssh package using the yum command
    yum install openssh
  2. Start and enable the sshd service
    service sshd restart
    chkconfig sshd on
  3. Open port 22 for all IP addresses
    /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

Steps to create an SSH user on an AWS Linux machine:

  1. Create a new Linux user with the useradd command.
    The following command creates a new user and adds it to the ec2-user group.
    (You need to run this command with sudo to obtain root permission.)
    sudo useradd -g ec2-user newuser
  2. Create a new Linux group with the groupadd command, using the same name as the created user.
    sudo groupadd newuser
  3. Log in as newuser using the sudo and su commands.
    sudo su newuser
  4. Go to newuser's home directory.
    cd /home/newuser
  5. Generate a new public/private key pair for this user with the ssh-keygen command.
    ssh-keygen -b 1024 -f newuser -t dsa

    When it asks for a passphrase, press the Enter key.

    After you execute this command two files will be created as shown below

    • newuser
    • newuser.pub

  6. Create the .ssh/authorized_keys file with the appropriate ownership and permissions.

    $ mkdir .ssh
    $ chmod 700 .ssh
    $ cat newuser.pub > .ssh/authorized_keys
    $ chmod 600 .ssh/authorized_keys
    $ chown newuser:newuser .ssh
    $ chown newuser:newuser .ssh/authorized_keys

  7. Move newuser to the /tmp directory and assign permissions that allow it to be downloaded.
    Then download the private key file (named newuser) using WinSCP (or a similar SFTP application), and convert the private key to a PuTTY .ppk file.

Now you can log in directly as the user newuser to your Amazon EC2 instance.
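
A check for the result of steps 5 to 7, as an added example that is not part of the original post: the function verifies the 700/600 modes from step 6, flags ssh-dss entries in authorized_keys (OpenSSH 7.0 and later reject DSA keys by default, so the key type from step 5 does not authenticate against current servers unless it is re-enabled), and reports private key files still sitting in the user's home directory. The function name audit_ssh_dir and the use of GNU stat are assumptions.

```shell
# Added example (not from the original post). Assumes GNU stat, as on Amazon Linux.
# audit_ssh_dir is a hypothetical helper name.
# Usage: audit_ssh_dir /home/newuser
# Prints findings to stderr and the number of problems to stdout;
# returns 0 only when nothing was found.
audit_ssh_dir() {
    local home="$1" problems=0 mode weak f
    local dir="$home/.ssh" keys="$home/.ssh/authorized_keys"

    # sshd (StrictModes) ignores keys when these paths are too permissive.
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir" >&2; problems=$((problems + 1))
    else
        mode=$(stat -c '%a' "$dir")
        if [ "$mode" != "700" ]; then
            echo "MODE $dir is $mode, expected 700" >&2; problems=$((problems + 1))
        fi
    fi

    if [ ! -f "$keys" ]; then
        echo "MISSING $keys" >&2; problems=$((problems + 1))
    else
        mode=$(stat -c '%a' "$keys")
        if [ "$mode" != "600" ]; then
            echo "MODE $keys is $mode, expected 600" >&2; problems=$((problems + 1))
        fi
        # Count DSA public keys, including entries that start with key options.
        weak=$(grep -v '^#' "$keys" | grep -Ec '(^|[[:space:]])ssh-dss[[:space:]]' || true)
        if [ "$weak" -gt 0 ]; then
            echo "WEAK $weak ssh-dss key(s) in $keys" >&2; problems=$((problems + weak))
        fi
    fi

    # A private key generated on the server should not remain there once
    # it has been handed to the user.
    for f in "$home"/*; do
        [ -f "$f" ] || continue
        if head -n 1 "$f" | grep -q -- '-----BEGIN .*PRIVATE KEY-----'; then
            echo "PRIVATE KEY on server: $f" >&2; problems=$((problems + 1))
        fi
    done

    echo "$problems"
    [ "$problems" -eq 0 ]
}
```

Run it as root or as the account owner, for example `audit_ssh_dir /home/newuser`; the same check applies to the copy of the private key placed in /tmp in step 7 if that directory is passed instead.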
