I’m sure there are plenty of articles describe how to add/create a new user on a UBUNTU EC2 instance.
Unfortunately I couldn’t find a simple one so i decided to create this post more for my own reference.
I assume you already have a UBUNTU
EC2 instance (in my case 10.04.2 LTS ami-6afa8438 ) with a valid
key file for the default user
ubuntu and wish to grant access to an additional user.
My domain name is
sofasurfer.ch and the new user i will add is
kib.
So let’s get started.
1. Login to server with default user ubuntu and the original key-file ubuntu.pem (which has to be in the same directory as you run the command from).
ssh -i ubuntu.pem ubuntu@sofasurfer.ch
2. Add new user and insert the requested user information
sudo adduser kib
3. Add new user to admin group, which also grants you sudoer rights
sudo adduser kib admin
4. If you don’t want to enter the password each time you use sudo you can set this in the /etc/sudoers file.
sudo visudo
5. And add the following line below the ubuntu user (for security reasons not recommended)
kib ALL=(ALL) NOPASSWD:ALL
3. Switch to new user
su kib
4. Switch to home directory for new user
cd /home/kib
5. Create new rsa key and fill in the requested information (can keep all default but make sure to set a password)
ssh-keygen -t rsa
6. Change owner premission
chmod 700 .ssh
7. Rename new key files so they match new username
mv .ssh/id_rsa .ssh/id_kib_rsa
mv .ssh/id_rsa.pub .ssh/id_kib_rsa.pub
8. Combine the files to generate the authorized_keys file
cat .ssh/id*.pub > .ssh/authorized_keys
9. Change permission so only the new user can access
chmod 600 .ssh/*
10. Copy keys to tmp folder, to download later from the client, make sure they are readable by the default user.
cp .ssh/id* /tmp
chmod 644 /tmp/id*
11. Logout from EC2 server
exit
exit
12. Download new key with original ubuntu user
scp -i ubuntu.pem ubuntu@sofasurfer.ch:/tmp/id_kib_rsa ./
13. Change right for new key so they can only be accessed from current user/machine
chmod 400 id_kib_rsa
14. Login with new user
ssh -i id_kib_rsa kib@sofasurfer.ch
15. Delete keys from /tmp directory
rm -rf /tmp/id*
Done
Not sure if this is the perfect way to do so, but it worked for me 🙂
Thanks so much! These are great instructions.
if i dont want a admin user?
just a regular user
@Martin, then you don’t add:
sudo adduser kib admin
and just something like this:
sudo adduser kib users
if you prefer to have a web interface to manage your server, i would recommend
http://www.webmin.com/