How can I securely share SSH access to an EC2 instance?

0

Hi! I'm fairly new to AWS and devops in general. I have EC2 instances that are connected to my account. I created and set up both instances and the keys I use to SSH into them. Since I am working on this project with other people, I want to give them SSH access to the instances. However, sharing the .pem files doesn't seem to work. I've already added their IPs to the security group inbound rules for port 22. I can SSH just fine though.

KaylaLe
Asked 4 months ago, viewed 274 times
4 Answers
1

Hello.

What kind of error are you getting when connecting?
Do you and other members use the same SSH connection method?
Is there any difference, for example, other members are using PuTTY but you are connecting using SSH client commands?

Also, have you checked the SSH logs?
I think the log is output to the file below, so please check it.
If there are no problems with the EC2 security group, the SSH connection log should remain, so I think the error will be recorded when it fails.

/var/log/secure

In some cases, it may be a good idea to connect using Systems Manager Session Manager instead of SSH.
This method requires a little setup on EC2, but it allows you to connect without having to allow SSH in a security group or using an SSH key.
https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-prerequisites.html

Expert
answered 4 months ago
Expert
reviewed 4 months ago
1

You're best off not sharing the key for the ec2-user (I'm presuming that's what the default user is called, though it could be ubuntu or centos depending on the version of Linux), and instead create individual user accounts for everybody, including yourself https://linuxize.com/post/how-to-create-users-in-linux-using-the-useradd-command/

Each user can generate their own keypair, and provide the public key to you, and you can load it on the EC2 instance https://unix.stackexchange.com/questions/630186/how-to-add-ssh-keys-to-a-specific-user-in-linux

Instead of SSH keys you could enable password login, it's probably not recommended on an EC2 that is internet-facing as it leaves you vulnerable to brute-force attacks, so I'm just mentioning it for completeness https://repost.aws/questions/QUE9_NBn5MQ5KgpjVyyy3ISA/unable-to-login-with-username-and-password-in-redhat-machine-created-in-aws

Expert
Steve_M
answered 4 months ago
Expert
reviewed 4 months ago
AWS
Expert
reviewed 4 months ago
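
The per-user setup described in the answer above, sketched as an added example that is not part of the original answer: it creates one account per teammate and installs the public key they sent, with the ownership and modes sshd's StrictModes check expects. The function names and the script name `add_ssh_user.sh` are hypothetical, and it assumes a Linux instance with `useradd` and `getent`.

```shell
#!/bin/sh
# Added example: per-user SSH access instead of a shared .pem file.
# Function names and the script name are hypothetical.

# Accept only a single-line OpenSSH *public* key of a common type.
validate_pubkey() {
    keyfile=$1
    [ -r "$keyfile" ] || return 1
    # Reject a private key sent by mistake.
    if grep -q 'PRIVATE KEY' "$keyfile"; then return 1; fi
    [ "$(grep -c . "$keyfile")" -eq 1 ] || return 1
    case "$(cat "$keyfile")" in
        "ssh-ed25519 AAAA"*|"ssh-rsa AAAA"*|"ecdsa-sha2-nistp256 AAAA"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Append the key to <home>/.ssh/authorized_keys with mode 700 on .ssh and
# 600 on the file; a key that is already present is not added twice.
install_key() {
    home=$1 keyfile=$2 owner=${3:-}
    validate_pubkey "$keyfile" || { echo "rejected: $keyfile" >&2; return 1; }
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || return 1
    auth="$home/.ssh/authorized_keys"
    touch "$auth" && chmod 600 "$auth" || return 1
    grep -qxF -e "$(cat "$keyfile")" "$auth" || cat "$keyfile" >> "$auth"
    # With StrictModes, sshd refuses keys in files the account does not own.
    if [ -n "$owner" ]; then chown -R "$owner" "$home/.ssh"; fi
}

# Create the account if it is missing, then install the key. Needs root.
provision_user() {
    user=$1 keyfile=$2
    id "$user" >/dev/null 2>&1 || useradd -m -s /bin/bash "$user" || return 1
    userhome=$(getent passwd "$user" | cut -d: -f6)
    install_key "$userhome" "$keyfile" "$user"
}

# Usage (as root on the instance): sh add_ssh_user.sh alice alice.pub
if [ "$#" -eq 2 ]; then provision_user "$1" "$2"; fi
```

Removing one person's access later means deleting their account or their line in their own `authorized_keys`, without touching anyone else's key.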
1

To troubleshoot ssh on ec2 you can try out this guide: https://repost.aws/knowledge-center/ec2-linux-ssh-troubleshooting or in general just use the search functionality in repost

Expert
answered 4 months ago
1

Sounds like it’s going to be user error if you can get in but your friends can’t.

Make sure they are using the correct user name.

Make sure they are using the correct ssh key for the correct instance.

Have them relay the error message back to you.

Expert
answered 4 months ago
