In some cases, you may want to give temporary access to a user without sharing the SSH keys (since by default PasswordAuthentication is turned off) for the instance. You can do so by temporarily enabling password based authentication and creating a temporary user
1. Log into the EC2 instance using ssh keys and then edit /etc/ssh/sshd_config file as below:-
**************
/etc/ssh/sshd_config
#PermitEmptyPasswords no
#PasswordAuthentication no
PasswordAuthentication yes
**************
2. After enabling the PasswordAuthentication property; bounce the ssh daemon
**************
$sudo service sshd restart
**************
3. Create a temporary user and set the user's password:-
**************
$sudo useradd -d /home/tempuser -m -s /bin/bash tempuser
$sudo passwd tempuser
**************
4. Once the user has completed the work, you can remove user and subsequently turn off the PasswordAuthentication property
**************
$sudo userdel tempuser
**************
1. Log into the EC2 instance using ssh keys and then edit /etc/ssh/sshd_config file as below:-
**************
/etc/ssh/sshd_config
#PermitEmptyPasswords no
#PasswordAuthentication no
PasswordAuthentication yes
**************
2. After enabling the PasswordAuthentication property; bounce the ssh daemon
**************
$sudo service sshd restart
**************
3. Create a temporary user and set the user's password:-
**************
$sudo useradd -d /home/tempuser -m -s /bin/bash tempuser
$sudo passwd tempuser
**************
4. Once the user has completed the work, you can remove user and subsequently turn off the PasswordAuthentication property
**************
$sudo userdel tempuser
**************
Wow.. temporary access to a EC2 instance without sharing ssh keys. This is wonderful and very helpful information. Thanks for sharing all steps.
ReplyDeleteec2 alternatives