Utkarsh Sengar

Software, Growth @upwork, ex-@OpenTable, @ebay, @RedLaserApp, build side projects at thearea42.com, life long learner, always up to something, 🚀


In an organization of say 5, some times you need to give many people access to the same EC2 Instance. Sharing the private key and the password b/w 5 users is definitely not a good idea!

So, how do you fix this problem? You create multiple accounts on the Linux EC2 instance and generate keys for every individual accounts, here is how you do it:

Step 0. Login by default user, “ec2-user”:

static-9:ec2_thelostlogbook utkarsh$ ssh -i my_key.pem ec2-user@111.111.11.111

Step 1. Create a new user, we will call our new user “john”:

[ec2-user@ip-11-111-111-111 ~]$ sudo adduser john

Set password for “john” by: [ec2-user@ip-11-111-111-111 ~]$ sudo su [root@ip-11-111-111-111 ec2-user]$ passwd john

Add “john” to sudoer’s list by: [root@ip-11-111-111-111 ec2-user]$ visudo

and add this to the last line: john ALL = (ALL) ALL

Alright! We have our new user created, now you need to generate the key file which will be needed to login, like we have my_key.pem in Step 0.

Now, exit and go back to ec2-user, out of root.

Step 2. Creating the public and private keys:

[ec2-user@ip-11-111-111-111 ~]$ su john

Enter the password you created for “john” in Step 1. [john@ip-11-111-111-111 ec2-user]$ cd /home/john/ [john@ip-11-111-111-111 ~]$ ssh-keygen -b 1024 -f john -t dsa [john@ip-11-111-111-111 ~]$ mkdir .ssh [john@ip-11-111-111-111 ~]$ chmod 700 .ssh [john@ip-11-111-111-111 ~]$ cat john.pub > .ssh/authorized_keys [john@ip-11-111-111-111 ~]$ chmod 600 .ssh/authorized_keys [john@ip-11-111-111-111 ~]$ sudo chown john:ec2-user .ssh

In the above step, john is the user we created and ec2-user is the default user group. [john@ip-11-111-111-111 ~]$ sudo chown john:ec2-user .ssh/authorized_keys

Step 3. Now you just need to download the key called “john”

I use scp to download/upload files from EC2, here is how you can do it:

You will still need to copy the file using ec2-user, since you only have the key for that user name. So, you will need to move the key to ec2-user folder and chmod it to 777. [john@ip-11-111-111-111 ~]$ sudo cp john /home/ec2-user/ [john@ip-11-111-111-111 ~]$ sudo chmod 777 /home/ec2-user/john

Now come to local machine’s terminal, where you have my_key.pem file and do this: static-9:ec2_thelostlogbook utkarsh$ scp -i my_key.pem ec2-user@111.111.11.111:/home/ec2-user/john john

The above command will copy the key “john” to the present working directory on your local machine. Once you have copied the key to your local machine, you should delete “/home/ec2-user/john”, since it’s a private key.

Now, one your local machine chmod john to 600. static-9:ec2_thelostlogbook utkarsh$ chmod 600 john

Step 4. Time to test your key:

static-9:ec2_thelostlogbook utkarsh$ ssh -i john john@111.111.11.111

So, in this manner, you can setup multiple users to use one EC2 instance!!

PS: Please post your comments if you find any error.