How can I securely share SSH access to an EC2 instance?

0

Hi! I'm fairly new to AWS and devops in general. I have EC2 instances that are connected to my account. I created and set up both instances and the keys I use to SSH into them. Since I am working on this project with other people, I want to give them SSH access to the instances. However, sharing the .pem files doesn't seem to work. I've already added their IPs to the security group inbound rules for port 22. I can SSH just fine though.

KaylaLe
asked 4 months ago, 273 views
4 Answers
1

Hello.

What kind of error are you getting when connecting?
Do you and other members use the same SSH connection method?
Is there any difference, for example, other members are using PuTTY but you are connecting using SSH client commands?

Also, have you checked the SSH logs?
I think the log is output to the file below, so please check it.
If there are no problems with the EC2 security group, the SSH connection log should remain, so I think the error will be recorded when it fails.

/var/log/secure

In some cases, it may be a good idea to connect using Systems Manager Session Manager instead of SSH.
This method requires a little setup on EC2, but it allows you to connect without having to allow SSH in a security group or using an SSH key.
https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-prerequisites.html

EXPERT
answered 4 months ago
EXPERT
reviewed 4 months ago
1

You're best off not sharing the key for the ec2-user (I'm presuming that's what the default user is called, though it could be ubuntu or centos depending on the version of Linux), and instead create individual user accounts for everybody, including yourself https://linuxize.com/post/how-to-create-users-in-linux-using-the-useradd-command/

Each user can generate their own keypair, and provide the public key to you, and you can load it on the EC2 instance https://unix.stackexchange.com/questions/630186/how-to-add-ssh-keys-to-a-specific-user-in-linux

Instead of SSH keys you could enable password login; it's probably not recommended on an EC2 that is internet-facing as it leaves you vulnerable to brute-force attacks, so I'm just mentioning it for completeness https://repost.aws/questions/QUE9_NBn5MQ5KgpjVyyy3ISA/unable-to-login-with-username-and-password-in-redhat-machine-created-in-aws

EXPERT
Steve_M
answered 4 months ago
EXPERT
reviewed 4 months ago
AWS
EXPERT
reviewed 4 months ago
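
The per-user setup described in the answer above, sketched as an added example that is not part of the original answer: each person sends only their public key, and an administrator creates the account and installs that key. The function names, the user name and the key in the usage comment are hypothetical, and only the common key types are accepted.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# True only for a single-line OpenSSH *public* key of a common type.
# A pasted .pem / private key is rejected.
is_public_key() {
    nl='
'
    case "$1" in *"$nl"*) return 1 ;; esac    # must be exactly one line
    printf '%s\n' "$1" | grep -Eq \
        '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( .*)?$'
}

# Append KEY to HOME_DIR/.ssh/authorized_keys using modes that satisfy
# sshd's StrictModes check.
install_pubkey() {
    home_dir=$1
    key=$2
    is_public_key "$key" || { echo "refusing: not a public key" >&2; return 1; }
    mkdir -p "$home_dir/.ssh"
    chmod 700 "$home_dir/.ssh"
    touch "$home_dir/.ssh/authorized_keys"
    chmod 600 "$home_dir/.ssh/authorized_keys"
    # Idempotent: add the line only if it is not already there.
    grep -qxF -- "$key" "$home_dir/.ssh/authorized_keys" ||
        printf '%s\n' "$key" >> "$home_dir/.ssh/authorized_keys"
}

# Run as root on the instance: create the account if missing, install the
# person's key, and hand .ssh to them so they own their own key file.
add_ssh_user() {
    user=$1
    pubkey=$2
    is_public_key "$pubkey" || { echo "refusing: not a public key" >&2; return 1; }
    id "$user" >/dev/null 2>&1 || useradd --create-home --shell /bin/bash "$user"
    user_home=$(getent passwd "$user" | cut -d: -f6)
    install_pubkey "$user_home" "$pubkey"
    chown -R "$user:" "$user_home/.ssh"    # "user:" = the user's login group
}

# Usage (placeholder name and key):
#   add_ssh_user alice "ssh-ed25519 AAAA...constructed... alice@laptop"
```

With one account and one key per person, removing someone's access means deleting their account or their line in `authorized_keys`, without re-keying anyone else.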
1

To troubleshoot ssh on ec2 you can try out this guide: https://repost.aws/knowledge-center/ec2-linux-ssh-troubleshooting or in general just use the search functionality in repost

EXPERT
answered 4 months ago
1

Sounds like it’s going to be user error if you can get in but your friends can’t.

Make sure they are using the correct user name.

Make sure they are using the correct ssh key for the correct instance.

Have them relay the error message back to you.

EXPERT
answered 4 months ago
