Create multiple sudo users on EC2 Amazon Linux
Suppose an organization of 5 people needs to access the same server. Sharing the same private key / password between users is not a good idea.
This post helps you create multiple users / accounts and generate a private key for each user.
Each Linux instance type launches with a default Linux system user account. The default users for the following Amazon instances are:
Instance Type | User |
---|---|
Amazon Linux | ec2-user |
RHEL5 | root or ec2-user |
Ubuntu | ubuntu |
Fedora | fedora or ec2-user |
SUSE Linux | root or ec2-user |
If ec2-user and root don’t work, check with your AMI provider.
Two basic operations are needed to get this job done:
1) To add a new user to the system:
Use the adduser command and the name of the user you wish to create.
[ec2-user@ip-xxx-xx-xx-xxx ~]$ sudo adduser newuser
The above command adds the newuser account to the system (with an entry in the /etc/passwd file), creates a newuser group, and creates a home directory for the account in /home/newuser.
2) Remote access to newuser:
- Switch to the new account so that newly created files have the proper ownership.
[ec2-user@ip-xxx-xx-xx-xxx ~]$ sudo su - newuser
- Create a .ssh directory for the authorized_keys file.
[newuser@ip-xxx-xx-xx-xxx ~]$ mkdir .ssh
- Change the file permissions of the .ssh directory to 700 (this means only the file owner can read, write, or open the directory).
[newuser@ip-xxx-xx-xx-xxx ~]$ chmod 700 .ssh
- Create a file named “authorized_keys” in the .ssh directory.
[newuser@ip-xxx-xx-xx-xxx ~]$ touch .ssh/authorized_keys
- Change the file permissions of the authorized_keys file to 600 (this means only the file owner can read or write to the file).
[newuser@ip-xxx-xx-xx-xxx ~]$ chmod 600 .ssh/authorized_keys
- Edit the authorized_keys file and paste in the public key from the public/private key pair generated for this user. The private key stays with the user and is never placed on the server.
The public/private key pair can be created with PuTTY Key Generator.
At this point, you should be able to log in to the same EC2 instance as the new user, without any sudo permissions.
Assigning sudo permissions to newuser
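The permission and key steps above can be checked with a short audit script. This is an added example, not part of the original post; the function name check_ssh_dir and the KEY_RE pattern are assumptions made for illustration, and it relies on GNU stat as shipped on Amazon Linux.

```shell
#!/bin/sh
# Added example (not from the original post): audit a user's ~/.ssh setup.
# Uses GNU stat (-c %a), as shipped on Amazon Linux.

# One-line OpenSSH public key: optional options, key type, base64 blob.
# Key blobs start with a 4-byte length whose top bytes are zero, so the
# base64 text always begins with "AAAA".
KEY_RE='(^|[[:space:]])(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)|sk-[a-z0-9-]+@openssh\.com) AAAA[A-Za-z0-9+/]+=*'

# check_ssh_dir DIR: print findings; return 0 if clean, 1 otherwise.
check_ssh_dir() {
    dir=$1
    auth=$dir/authorized_keys
    rc=0

    [ -d "$dir" ]  || { echo "FAIL: $dir does not exist"; return 1; }
    [ -f "$auth" ] || { echo "FAIL: $auth does not exist"; return 1; }

    mode=$(stat -c %a "$dir")
    [ "$mode" = 700 ] || { echo "FAIL: $dir has mode $mode, expected 700"; rc=1; }
    mode=$(stat -c %a "$auth")
    [ "$mode" = 600 ] || { echo "FAIL: $auth has mode $mode, expected 600"; rc=1; }

    # Private key material (PEM/OpenSSH private key or PuTTY .ppk) must stay
    # on the user's own machine and never appear in authorized_keys.
    if grep -q -e 'PRIVATE KEY' -e '^PuTTY-User-Key-File' -e '^Private-Lines' "$auth"; then
        echo "FAIL: $auth contains private key material"; rc=1
    fi

    # Count non-blank, non-comment lines that are not a one-line OpenSSH
    # public key, e.g. the multi-line "---- BEGIN SSH2 PUBLIC KEY ----" format
    # written by PuTTYgen's "Save public key" button, which sshd rejects here.
    bad=$(grep -v -e '^[[:space:]]*$' -e '^#' "$auth" | grep -c -v -E "$KEY_RE" || true)
    [ "$bad" -eq 0 ] || { echo "FAIL: $bad line(s) are not OpenSSH public keys"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK: $dir"
    return "$rc"
}

# Run against a directory when one is given, e.g.: sh check.sh /home/newuser/.ssh
if [ $# -gt 0 ]; then check_ssh_dir "$1"; fi
```

When copying from PuTTY Key Generator, the text in the "Public key for pasting into OpenSSH authorized_keys file" box is the one-line form this check expects.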
- Log in as ec2-user and switch to root.
[ec2-user@ip-XXX-XX-XX-XXX ~]$ sudo su
- Add “newuser” to the sudoers list by running visudo.
[root@ip-XXX-XX-XX-XXX ec2-user]# visudo
- Add this as the last line. It lets newuser run any command through sudo without being asked for a password.
newuser ALL=(ALL) NOPASSWD:ALL