AWS: Linux EC2 SSH new user password setup
The default user for AWS EC2 Ubuntu server is ubuntu
Initial login with .pem
file
$ ssh -i filename.pem ubuntu@ec2...-117-96.com
the filename.pem
can be path to that file e.g. ~/.ssh/filename.pem
Remarks:
- The server location is follow
@
sign. If you don’t know this click “Actions” in the AWS EC2 dashboard and then “Connect” this will show up. - If you lose
.pem
file, you have no choice but delete and create new EC2.
Note: ubuntu user
The default user ubuntu
is special since:
- This is not root user
- This user has admin privilege
- This user has no password i.e. sudo without password
Step 2: Create new user
Create new user for SSH login
In this example, user001
$ sudo adduser user001
$ sudo cat /etc/passwd
// should found user001 here
$ sudo cat /etc/passwd
// should found user001 here
Adding sudo
special power
$ sudo visudo
// seeing who can sudo found group admin can do sudo// found
// %admin ALL=(ALL) ALL
$ usermod -aG admin user001
// add user001 to group admin
// seeing who can sudo found group admin can do sudo// found
// %admin ALL=(ALL) ALL
$ usermod -aG admin user001
// add user001 to group admin
Bonus, checking this user is working
$ su user001
// type password
// check correct password is set$ groups
// check groups$ sudo cat /etc/passwd
// check this user can sudo
// type password
// check correct password is set$ groups
// check groups$ sudo cat /etc/passwd
// check this user can sudo
Step 4: Change ssh server config
Enable user/pass login from outside
// file: /etc/ssh/sshd_config
...PasswordAuthentication yes
...PasswordAuthentication yes
Step 5: Restart ssh server to make change effect
restart the server to make it load the new config i.e. sshd_config
$ systemctl
// finding something related to ssh found ‘ssh.service’$ systemctl restart ssh
// at this steps use user chakrit
// ubuntu haven’t have a password
// finding something related to ssh found ‘ssh.service’$ systemctl restart ssh
// at this steps use user chakrit
// ubuntu haven’t have a password
Now we’re done with creating user/pass login
Cheers