
I'm only working with the terminal in order to create a user on a Linux machine (EC2).

When creating a new user and then generating an ssh key for this user, I do this:

    ssh-keygen -f rsa

I then get an rsa.pub file in the user's home directory and I also have an .ssh directory with an authorized_keys file.

What I don't know now is how can I download the private key as a file to my computer in order to connect to the instance.

Thanks, Matt

Matt

2 Answers

You can use scp to transfer a file from the server.

    scp -i <ec2-ssh-key> ec2-user@your-instance:/path/to/rsa <local_path>

It is also possible just to copy the content of a private key and paste it into a local file.

e.g.

    cat ~/.ssh/rsa

Vikyol
  • which one is the file I need to download? I don't have an ec2-key.pem yet on the machine for the new user – Matt Oct 17 '19 at 12:08
  • How do you connect to the EC2 instance? You use the same pem file to issue the scp command from your local host. – Vikyol Oct 17 '19 at 12:21
  • I use my very own pem file yes, that I got when creating the account. However I'm looking to create a new connection file only for this instance (my pem file works for all instances) that I can share with let's say a third party developer somewhere to have access to the machine. – Matt Oct 18 '19 at 08:37

Follow these steps to set up passwordless authentication on EC2.

  1. Log in to your EC2 machine as the root user.
  2. Create a new user

    useradd -m <yourname> 
    sudo su <yourname>
    cd 
    mkdir -p ~/.ssh
    touch ~/.ssh/authorized_keys
    

Append the contents of the file ~/.ssh/id_rsa.pub on your local machine to ~/.ssh/authorized_keys on the EC2 machine.

    chmod -R 700 ~/.ssh
    chmod 600 ~/.ssh/*

  3. Make sure sshing is permitted by the machine. In the file /etc/ssh/sshd_config, make sure that the line containing "PasswordAuthentication yes" is uncommented. Restart the sshd service if you make any change in this file:

    service sshd restart # On CentOS

    service ssh restart # On Ubuntu

  4. Your passwordless login should work now. Try the following on your local machine:

    ssh -A <yourname>@ec2-xx-xx-xxx-xxx.ap-southeast-1.compute.amazonaws.com

Sukhjinder Singh
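The key-installation step from the answer above (create ~/.ssh, append the public key, set 700/600 modes), written as an added example that is not part of either answer. The function names, the temporary directory standing in for the new user's home, and the sample key are all assumptions made for illustration; the script refuses a private key supplied by mistake, is safe to re-run, and checks the modes afterwards, since sshd's StrictModes check rejects a group- or world-writable .ssh directory or authorized_keys file.

```shell
#!/bin/sh
# Added example, not from the original answers. Paths and key are constructed.

# install_pubkey HOME_DIR PUBKEY_FILE
# Appends one public key to HOME_DIR/.ssh/authorized_keys (700/600 modes).
install_pubkey() {
    ssh_dir="$1/.ssh"
    auth="$ssh_dir/authorized_keys"
    pubkey_file=$2

    # Accept exactly one line that looks like a public key of a common type.
    # This rejects a private key ("-----BEGIN ...") supplied by mistake.
    [ "$(grep -c '' "$pubkey_file")" -eq 1 ] || return 2
    grep -Eq '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' \
        "$pubkey_file" || return 2

    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Idempotent: append only if this exact line is not already present.
    grep -qxF -f "$pubkey_file" "$auth" ||
        printf '%s\n' "$(cat "$pubkey_file")" >> "$auth"
}

# check_ssh_perms HOME_DIR
# Returns 0 only if .ssh is exactly 700 and authorized_keys exactly 600.
check_ssh_perms() {
    d="$1/.ssh"
    [ -n "$(find "$d" -maxdepth 0 -type d -perm 700 2>/dev/null)" ] || return 1
    [ -n "$(find "$d/authorized_keys" -maxdepth 0 -type f -perm 600 2>/dev/null)" ] ||
        return 1
}

# Demo against a throwaway directory standing in for the new user's home.
demo_home=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleKeyNotReal dev@example' \
    > "$demo_home/id.pub"   # constructed key, not usable
install_pubkey "$demo_home" "$demo_home/id.pub" && check_ssh_perms "$demo_home" &&
    echo "key installed, permissions OK"
rm -rf "$demo_home"
```

Run it as the target user, as the answer does after `sudo su <yourname>`; if it is run as root instead, the created files also need a `chown` to that user.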