SSH logins are susceptible to brute force attacks. A thousand things
can go wrong which could give someone unauthorized access to your
server. The best way to secure your SSH login is to use Public/Private
PEM keys. This is the default login type for Amazon EC2 servers.
Unfortunately, Amazon’s interface only created a single account. This
tutorial will show you how to set up additional PEM keys for other users.
Once you’ve logged into your server, do the following:

Step 1: New Account setup
Here we will create the new account and add it to the sudoers group.

    # become root
    sudo su
    # create the account (passwd fails if it does not exist yet)
    useradd NewUser
    # set the account's password
    passwd NewUser
    # edit the sudoers file
    visudo

Optional: Add the user to Sudoers

Step 2: Generate the Public/Private key files
Now we will create the public and private key files for NewUser. This tutorial assumes that the user is part of the ec2-users group. If not, please make sure to change the code where applicable.

Step 3: Download your private key
You will now have to download, or copy the contents of, your private PEM file. This should be called NewUser.pem.
If you are going to copy the contents of the file to a key file on your local system, just copy and paste the data into a new file.
Before using your key, make sure to change the permissions to 600.

That should do it! Hope you find this tutorial helpful. Feel free to ask any questions!
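Steps 2 and 3 as a runnable sketch, added here as an example and not taken from the original post: it generates the key pair, authorizes the public half for the account with the permissions sshd expects, and checks file modes. NewUser is the tutorial's account name; the function names gen_keypair, install_pubkey and mode_is and all paths are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). NewUser is the tutorial's account
# name; the function names and paths are assumptions made for illustration.

# Step 2: generate the key pair. Writes DIR/USER.pem (private, PEM format) and
# DIR/USER.pem.pub (public). -m PEM on generation needs OpenSSH 7.8 or newer.
gen_keypair() {    # usage: gen_keypair DIR USER
    ( umask 077 && ssh-keygen -q -t rsa -b 4096 -m PEM -N "" -C "$2" -f "$1/$2.pem" )
}

# Step 2, continued: authorize the public key for the account, with the modes
# sshd's StrictModes check expects. Refuses anything that is not a public key,
# so a private key pasted by mistake never lands in authorized_keys.
install_pubkey() {    # usage: install_pubkey HOME_DIR PUBKEY_FILE [OWNER]
    key=$(head -n 1 "$2") || return 1
    printf '%s\n' "$key" |
        grep -Eq '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( |$)' || {
        echo "refusing: $2 is not an OpenSSH public key" >&2
        return 1
    }
    auth="$1/.ssh/authorized_keys"
    mkdir -p "$1/.ssh" && chmod 700 "$1/.ssh" && touch "$auth" || return 1
    # Append only when the exact line is absent, so re-runs do not duplicate it.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
    chmod 600 "$auth" || return 1
    # When run as root on the server, hand the files to the account itself.
    if [ -n "${3:-}" ]; then chown -R "$3" "$1/.ssh"; fi
}

# Step 3 check: true when PATH has exactly the given ls-style mode string.
mode_is() {    # usage: mode_is PATH drwx------
    [ "$(ls -ld "$1" | cut -c1-10)" = "$2" ]
}
```

On the server this would be run as root, for example gen_keypair /root NewUser and then install_pubkey /home/NewUser /root/NewUser.pem.pub NewUser, assuming the home directory is /home/NewUser. After copying NewUser.pem to the local system and setting its permissions to 600, mode_is NewUser.pem -rw------- confirms the result.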