Sunday, April 29, 2018

disabling aws ssh login using keys from *.pem files while using linux & create new user login with password using ssh

In this article we will see how we can use password based login instead of private keys in a ubuntu linux. When you create a linux instance in aws you are asked to save a private key to connect to the instance using ssh. This is how you connect fom your windows machine using putty or git bash

ssh -i 'c:\Users\Tarique\.ssh\MyKeyPair.pem'

Sometimes we may have a situation where we may need to have a direct password based access to the same instance. we will follow the following steps to achieve this

1. create new user to allow access to your ubuntu instance. it will prompt for unix password for new user & additional details.

    ubuntu@ip-172-31-9-45:~$ sudo adduser testfoo

2. optionally you can grant sudo access to the new user

    ubuntu@ip-172-31-9-45:~$ sudo usermod -aG sudo testfoo

3. change to root user to edit sshd_config file. we will take a backup before editing.

    ubuntu@ip-172-31-9-45:~$ sudo su
    root@ip-172-31-9-45:~$ cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

    root@ip-172-31-9-45:~$ vi /etc/ssh/sshd_config

4. set PasswordAuthentication property to yes in the file. It is by default set to no in a new aws instance.

5. reload & restart sshd 

   root@ip-172-31-9-45:~$  sshd -t 

   root@ip-172-31-9-45:~$ service sshd restart

   root@ip-172-31-9-45:~$ exit

6.  connect your ubuntu instance using new user


Please note that ssh using keys are more secure and less prone to attacks. This alternative is only if you have some specific requirement. Please choose a complex password for your safety.

Author: Tarique Habibullah