Create multiple sudo users to EC2 Amazon Linux

Create multiple sudo users to EC2 Amazon Linux

 

Let’s say if an organization of 5 people going to access same server and sharing the same private key / password between users is not a good idea.

This post helps you to create multiple users / accounts and generating private key for each user.

Each Linux instance type launches with a default Linux system user account. Default users for following amazon instances are as follows.

Instance Type User
Amazon Linux ec2-user
RHEL5 root or ec2-user
Ubuntu ubuntu
Fedora fedora or ec2-user
SUSE Linux root or ec2-user

If ec2-user and root don’t work, check with your AMI provider.

Two Basic operations are needed perform to get this job done:

1) To add a new user to the system:

Use adduser command and the name of the user you wish to create.
[ec2-user@ip-xxx-xx-xx-xxx ~]$ sudo adduser newuser

Above command adds the newuser account to the system (with an entry in the file /etc/passwd file), creates a newuser group , and creates a home directory for the account in /home/newuser

2) Remote access to newuser:

  1. Switch to the new account so that newly created files have the proper ownership.
  2. [ec2-user@ip-xxx-xx-xx-xxx ~]$ sudo su – newuser

  3. Create a .ssh directory for the authorized_keys file.
  4. [newuser@ip- xxx-xx-xx-xxx ~]$ mkdir .ssh

  5. Change the file permissions of the .ssh directory to 700 (this means only the file owner can read, write, or open the directory).
  6. [newuser@ip- xxx-xx-xx-xxx ~]$ chmod 700 .ssh

  7. Create a file named “authorized_keys” in the .ssh directory.
  8. [newuser@ip- xxx-xx-xx-xxx ~]$ touch .ssh/authorized_keys

  9. Change the file permissions of the authorized_keys file to 600 (this means only the file owner can read or write to the file).
  10. [newuser@ip- xxx-xx-xx-xxx ~]$ chmod 600 .ssh/authorized_keys

  11. Edit the authorized_keys file and place public/private key which is generated

 
public/private key can be created via PuTTY Key Generator.

At this level, you should now be able to login into the same Ec2 Instance with new user without any sudo permission’s.

Assigning sudo permission’s to newuser

  1. Login as ec2-user and switch to root
  2. [ec2-user@ip-XXX-XX-XX-XXX ~]$ sudo su
  3. Add “newuser” to sudoers list by
  4. [root@ip-XXX-XX-XX-XXX ec2-user]# visudo
  5. And add this to the last line
  6. newuser ALL=(ALL)NOPASSWD:ALL

INSTALLING JASPERSERVER IN AWS EC2 / LINUX

Things we need to find out before installing Jasperserver in AWS EC2 / Linux.

1)      Identifying whether your CPU is a 64bit or not. Use below command to find it

uname –m

Our CPU is a 64 bit.

 

2)      Identify whether Jasperserver default port 8080 is open or not? Below command helps you to identify it.

netstat -an | grep 8080| grep LISTEN

 

If nothing has not returned, then your port 8080 is free to use.

Installing Jasperserver

3)      Created a folder Helical and Jasperserver under home.

/home/Helical/Jasperserver.

 

4)      Downloaded Jasperserver 30-days trial from here http://www.jaspersoft.com/thanks-download-30-day

File name: Jasperreports-server-5.5-linux-x64-installer.run

 

Command used to download:

wget https://s3.amazonaws.com/jaspersoft_downloads/5.5/jasperreports-server-5.5-linux-x64-installer.run

 

If you face an Error saying “ -bash: wget: command not found.” Then it means wget package is not installed. Installed wget package using

 

yum install wget

 

Repeat wget command again.

 

5)      Downloaded “jasperreports-server-5.5-linux-x64-installer.run” under the location “/home/Helical/Jasperserver”.

 

Apply chmod 777 for the downloaded file

It was confirmed that port 8080 is not in use with any other process. Thus i am going forward with Jasperserver installation as

“./ jasperreports-server-5.5-linux-x64-installer.run”

Results of each step:

A)     Welcome to the JasperReports Server 5.5 Setup Wizard and its License Agreement. Do as it says and finals asks you to accept the license or not.

Press [Enter] to continue :

Reading the agreement

Accepting the License (y/n): Y

B)      It asks you to select the option of installation (Install All or Custom). If it is for the first time Installation select first option.

Please choose an install option below:

[1] Install All Components and Samples  (requires disk space of: 1.3 GB)

[2] Custom Install

Please choose an option [1] : 1

Jasper installation AWS 3

C)     It asks you to select a folder to install. By default it takes “/opt/jasperreports-server-5.5”

Jasper installation AWS 2

Press Enter simple Instead saying Yes(Y).

D)     It asks you to confirm the Installation by Continuing. Say (Y)

Do you want to continue? [Y/n]: Y

Jasper installation AWS

Start Your Jasperserver from the place you have installed it. Here the Jasperserver installed path is “/home/Helical/Jasperserver/y”.

Starting Jasperserver:

You can start the jasperserver in any one of the way sh ctlscript.sh start (or)  ./ ctlscript.sh start

Check the Status of the Service:

sh ctlscript.sh status

Once again the check the port number 8080 is engaged or not.

By default jasperserver uses Postgres Database thus from this installation even postgres DB will also be available on Port Number 5432 in your machine. No need to install it explicitly.

Location of Postgres: “/home/Helical/Jasperserver/y/postgresql/bin”

Now you must be able to access the Jasperserver from “ipaddress:8080/jasperserver-pro”. If not able to access it Check whether 8080 is configured to access TCP/IP incoming and outgoing in iptables.

Edit iptables as root user using vi /etc/sysconfig/iptables

 

Add a rule saying

 

-A INPUT -p tcp -m state –state NEW -m tcp –dport 8080 -j ACCEPT

 

Now you must be able to access the Jasperserver.