How can I securely share SSH access to an EC2 instance?

0

Hi! I'm fairly new to AWS and devops in general. I have EC2 instances that are connected to my account. I created and set up both instances and the keys I use to SSH into them. Since I am working on this project with other people, I want to give them SSH access to the instances. However, sharing the .pem files doesn't seem to work. I've already added their IPs to the security group inbound rules for port 22. I can SSH just fine though.

KaylaLe
asked 4 months ago · 288 views
4 Answers
1

Hello.

What kind of error are you getting when connecting?
Do you and other members use the same SSH connection method?
Is there any difference, for example, other members are using PuTTY but you are connecting using SSH client commands?

Also, have you checked the SSH logs?
I think the log is output to the file below, so please check it.
If there are no problems with the EC2 security group, the SSH connection log should remain, so I think the error will be recorded when it fails.

/var/log/secure

In some cases, it may be a good idea to connect using Systems Manager Session Manager instead of SSH.
This method requires a little setup on EC2, but it allows you to connect without having to allow SSH in a security group or using an SSH key.
https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-prerequisites.html

EXPERT
answered 4 months ago
EXPERT
reviewed 4 months ago
1

You're best off not sharing the key for the ec2-user (I'm presuming that's what the default user is called, though it could be ubuntu or centos depending on the version of Linux), and instead create individual user accounts for everybody, including yourself https://linuxize.com/post/how-to-create-users-in-linux-using-the-useradd-command/

Each user can generate their own keypair, and provide the public key to you, and you can load it on the EC2 instance https://unix.stackexchange.com/questions/630186/how-to-add-ssh-keys-to-a-specific-user-in-linux

Instead of SSH keys you could enable password login, it's probably not recommended on an EC2 that is internet-facing as it leaves you vulnerable to brute-force attacks, so I'm just mentioning it for completeness https://repost.aws/questions/QUE9_NBn5MQ5KgpjVyyy3ISA/unable-to-login-with-username-and-password-in-redhat-machine-created-in-aws

EXPERT
Steve_M
answered 4 months ago
EXPERT
reviewed 4 months ago
AWS
EXPERT
reviewed 4 months ago
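
The per-user setup described in the answer above, as an added example that is not part of the original answer: each collaborator gets their own Linux account, and only their public key is installed, with the permissions sshd expects. The helper names `install_pubkey` and `add_ssh_user` and the sample key in the comment are assumptions made for illustration.

```shell
#!/bin/sh
# Hypothetical helpers (not from the original answer): one Linux account per
# collaborator, each with their own public key, instead of a shared .pem file.
nl='
'
# install_pubkey HOME_DIR "PUBLIC_KEY_LINE"
# Adds one OpenSSH public key to HOME_DIR/.ssh/authorized_keys (idempotent).
# Returns 2 for private key material, 3 for anything that is not a key line.
install_pubkey() {
    home_dir=$1
    key=$2
    case $key in
        # Only the public half belongs on the server; never accept a private key.
        *"PRIVATE KEY"*) echo "refusing private key material" >&2; return 2 ;;
        # An authorized_keys entry is exactly one line.
        *"$nl"*) echo "expected a single-line public key" >&2; return 3 ;;
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-nistp*\ *) ;;
        sk-ssh-ed25519@openssh.com\ *|sk-ecdsa-sha2-nistp256@openssh.com\ *) ;;
        *) echo "not an OpenSSH public key" >&2; return 3 ;;
    esac
    ssh_dir=$home_dir/.ssh
    auth=$ssh_dir/authorized_keys
    # With StrictModes (the default) sshd ignores keys kept in group- or
    # world-writable locations, so set 700 on .ssh and 600 on the file.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # Append only if this exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# add_ssh_user USERNAME "PUBLIC_KEY_LINE"   (run as root on the instance)
add_ssh_user() {
    user=$1
    # Create the account only if it does not exist yet.
    id "$user" >/dev/null 2>&1 ||
        useradd --create-home --shell /bin/bash "$user" || return 1
    home_dir=$(getent passwd "$user" | cut -d: -f6)
    install_pubkey "$home_dir" "$2" || return $?
    # The files were written by root; hand them to the user and their login group.
    chown -R "$user:" "$home_dir/.ssh"
}

# Usage on the instance (constructed sample key, not a real one):
#   add_ssh_user alice "ssh-ed25519 AAAAC3...constructed... alice@laptop"
```

Removing a collaborator later means deleting their account or their line in `authorized_keys`; nobody else's key has to change.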
1

To troubleshoot ssh on ec2 you can try out this guide: https://repost.aws/knowledge-center/ec2-linux-ssh-troubleshooting or in general just use the search functionality in repost

EXPERT
answered 4 months ago
1

Sounds like it’s going to be user error if you can get in but your friends can’t.

Make sure they are using the correct user name.

Make sure they are using the correct ssh key for the correct instance.

Have them relay the error message back to you.

EXPERT
answered 4 months ago
