For Linux distributions
- Generate a key pair for your local system
ssh-keygen -t rsa -C '<email>'
- Change permission of the ssh key file to read only
chmod 400 ~/.ssh/id_rsa
For WSL distribution
- Copy the .pem file to the .ssh directory
cp file.pem ~/.ssh/
- Change permission of the .pem file so only your user can access it (600 is owner read/write)
chmod 600 ~/.ssh/file.pem
Access now as:
ssh -i your_pem_file.pem ubuntu@ec2-________.compute-1.amazonaws.com
To set up this flow, first log in to your EC2 instance using your .pem file and follow the steps below
- Add a new user that will access the instance using a password.
sudo useradd -s /bin/bash -m -d /home/USERNAME -g root USERNAME
where:
-s /bin/bash : use /bin/bash as the standard shell
-m -d /home/USERNAME : create a home directory at /home/USERNAME
-g root : add to group root (as the user's primary group)
USERNAME : the username of the new user
- Create a strong password for the new user:
$ sudo passwd USERNAME
Enter new UNIX password:
Retype new UNIX password:
- Add the user to the sudoers file by using
sudo visudo
and add the following line:
USERNAME ALL=(ALL:ALL) ALL
- Enable password authentication by editing
/etc/ssh/sshd_config
: change PasswordAuthentication no
to PasswordAuthentication **yes**
- Restart ssh service:
sudo /etc/init.d/ssh restart
- Log out of your instance (exit) and try your new login without the .pem file:
$ ssh USERNAME@ec2-________.compute-1.amazonaws.com
USERNAME@ec2-________.compute-1.amazonaws.com's password:
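Added example, not part of the original page: sshd uses the first value it reads for each keyword, so if /etc/ssh/sshd_config starts with an Include line, a drop-in file that sets PasswordAuthentication no overrides the edit made in the step above, and a drop-in that sets yes keeps password login on after the main file is changed back. The script reports the value in effect; the function names, the sample file names and the simplified handling of Match blocks are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): report the global
# PasswordAuthentication value sshd would use. sshd keeps the FIRST value it
# reads for a keyword, so a drop-in pulled in by an Include above the edited
# line overrides it. Assumptions: "Keyword value" lines separated by
# whitespace; a Match block runs to the end of the file it appears in.

# Print the global lines of config file $1 in the order sshd reads them.
# $2 = directory that relative Include paths resolve against.
global_lines() (
  base=$2
  while read -r kw rest || [ -n "$kw" ]; do
    case $(printf '%s' "$kw" | tr 'A-Z' 'a-z') in
      ''|'#'*) ;;                       # blank line or comment
      match) break ;;                   # conditional section: not global
      include)
        set -f                          # split the patterns without globbing
        for pat in $rest; do
          set +f
          case $pat in /*) ;; *) pat=$base/$pat ;; esac
          for f in $pat; do             # unquoted on purpose: expand the glob
            if [ -f "$f" ]; then global_lines "$f" "$base"; fi
          done
        done
        set +f ;;
      *) printf '%s %s\n' "$kw" "$rest" ;;
    esac
  done <"$1"
)

# Echo "yes" or "no". With no setting at all, OpenSSH defaults to "yes".
effective_password_auth() {
  global_lines "$1" "${2:-$(dirname "$1")}" | awk '
    tolower($1) == "passwordauthentication" { v = tolower($2); exit }
    END { print (v == "" ? "yes" : v) }'
}

# Constructed sample tree: the main file says "yes", the drop-in says "no".
demo() (
  d=$(mktemp -d) && mkdir "$d/sshd_config.d" || exit 1
  printf 'PasswordAuthentication no\n' >"$d/sshd_config.d/50-constructed.conf"
  printf 'Include sshd_config.d/*.conf\n#PasswordAuthentication no\nPasswordAuthentication yes\n' >"$d/sshd_config"
  effective_password_auth "$d/sshd_config"
  rm -rf "$d"
)
demo   # prints: no
```

On the instance, call effective_password_auth /etc/ssh/sshd_config before restarting ssh; sudo sshd -T prints the full effective configuration as sshd itself resolves it.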