Ram Laxman Yadav bio photo

Ram Laxman Yadav

Ruby on Rails Developer

Email Twitter LinkedIn Github Stackoverflow

Hello all, However in practice we always need to create a new user into aws servers and perform several operations. Like ssh. ssh is a basic operation that we do on servers to do anything. However aws provide the .pem authentication for ssh.

In this example we gone learn how to make an instance over aws, create a new user into that instance in sudo group and ssh to the user without a pem file. For this several steps have be follow:

1. Create an instance

  • First go to console.aws.amazon.com.
  • Click on EC2.
  • Click launch instance.
  • Select a machine image type. For this example I have taken ubuntu free tier machine.
  • Create a new pem file and download it.
  • Review security groups and change if you want to do any changes into security groups.
  • Review all configurations and launch instance.

2. SSH to root user by pem file

Now you have to ssh to root user by using pem file. Run following commands.

  • chmod 400 /path_to_pem/you_pem_file_name.pem
  • ssh -i /path_to_pem/you_pem_file_name.pem USER_NAME@ec2-SOME_IP_SEPRATED_BY_(-).compute-1.amazonaws.com. Like ec2-52-23-186-83.compute-1.amazonaws.com #=> Here USER_NAME is the name of root user for ubuntu machine it “ubuntu” and for AMI(Amazon Machine Instances) is “ec2”.

3. Add a new user in sudo group:

follow these steps to add a new user in sudo group:

  • sudo adduser NEW_USER_NAME #=> Here NEW_USER_NAME is new user’s name say ‘deploy’.

  • Add user to sudoers file by running sudo visudo and add the following line: NEW_USER_NAME ALL=(ALL:ALL) ALL
  • If you want to enable password authentication for the user. You can enable password authentication by: sudo nano /etc/ssh/sshd_config and change PasswordAuthentication no to PasswordAuthentication yes.
  • sudo su - NEW_USER_NAME. Give a strong password while creating a new user.

4. Add id_rsa to the server:

For ssh from local machine just add you id_rsa.pub file to server’s .ssh/authorized_keys file. For this you have to follow these steps:

  • mkdir .ssh
  • chmod 700 .ssh
  • nano .ssh/authorized_keys
  • Paste you id_rsa.pub file here and save it.
  • chmod 600 .ssh/authorized_keys

5. Restart ssh:

  • sudo /etc/init.d/ssh restart

Now you will be able to ssh to the USER_NAME@ec2-SOME_IP_SEPRATED_BY_(-).compute-1.amazonaws.com without pem file.

Thanks for reading this blog post!!