-
-
Save singhj/1151710 to your computer and use it in GitHub Desktop.
Give someone temporary access to your EC2 instance
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sometimes the easiest option is to give someone a key to your instance and revoke it after they are done. | |
We create a key pair, put the public key on the server, give them the private key. | |
To create the key pair for suzy, | |
cd ~/.ssh | |
ssh-keygen -b 1024 -f suzy -t dsa | |
cat suzy.pub >> authorized_keys | |
cat suzy | |
rm suzy* | |
Copy the output of "cat suzy" into a file on your client and send it to suzy. She can use it to log into the server. Notes: | |
1. If using PuTTY, the file will need to be converted into PuTTY's ppk format. This can be done using PuttyGen | |
2. Sending the key by email is unsafe. Send 90% of it by email and the remaining 10% through a different channel. | |
3. Make sure the username is the same as the one you put public key on it's ~/.ssh directory. | |
When it is time to revoke the key, remove the last line from .ssh/authorized_keys |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A better method is to ask Suzy to generate her own key pair and send you her public key.
One way to generate a public key is to have AWS create a key pair for you. But the generated key contains both the public and private parts. Use PuttyGen to create a
.ppk
file. The.ppk
file also have private and public parts so it should not be sent in an email. But if Suzy opens the.ppk
file in notepad, she can copy the public part and paste it into an email message and send it.Remove all newlines from the public key, append a line
ssh-rsa PublicKeyThatSuzySentYouMinusNewlines NameOfSuzy'sKey
to~/.ssh/authorized_keys
. Suzy should now be able to use PuTTY to log into your EC2 instance.