Before doing anything, it's advisable to spin up a throwaway EC2 to practise this on first, as if anything goes wrong you could find yourself unable to log in using any account. Once you're confident you know the process, apply the steps to the host you want to work on for real.
The easiest way to deny SSH access for ec2-user is to add an entry for `DenyUsers ec2-user` to `/etc/ssh/sshd_config` and then restart the SSH service `sudo systemctl restart sshd`
https://linux.die.net/man/5/sshd_config
DenyUsers
This keyword can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that match one of the patterns.
Alternatively, you can remove the private key for ec2-user (on Amazon Linux, it will be in `/home/ec2-user/.ssh/authorized_keys`) and once there is no private key to match your public key, any attempted login with it will fail.
For part 2 you need to generate a new keypair in PuTTYgen (other tools are available, but you mention you're using PuTTY), then upload the private key to the Linux host. Convert it to OpenSSH format `ssh-keygen -i -f puttygen_key > openssh_key` and then append the contents of openssh_key to `~user/.ssh/authorized_keys` and make sure the `.ssh` directory and the `authorized_keys` file are readable only by user.
If you get stuck, do a Google search for something like linux setup passwordless ssh and you will get pages and pages of helpful answers.
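
The steps from the answer above as a script that can be rehearsed on copies first. This is an added example, not part of the original answer; the function names are hypothetical, and it goes slightly beyond the answer by placing `DenyUsers` ahead of any `Match` block and by checking the config with `sshd -t` before restarting.

```shell
#!/usr/bin/env bash
# Added example (not from the original answer). Paths are passed in so the
# functions can be tried on copies before touching /etc/ssh/sshd_config.

# deny_user CONFIG USER: add "DenyUsers USER" to CONFIG unless already listed.
# The directive goes before the first Match block, because anything placed
# after a Match line only applies when that block's conditions are met.
deny_user() {
    local cfg="$1" user="$2" tmp
    if awk -v u="$user" 'tolower($1) == "denyusers" {
            for (i = 2; i <= NF; i++) if ($i == u) found = 1 }
            END { exit !found }' "$cfg"; then
        return 0                      # already denied, nothing to change
    fi
    cp -p "$cfg" "$cfg.bak"           # keep a rollback copy
    tmp=$(mktemp)
    awk -v u="$user" '
        !done && tolower($1) == "match" { print "DenyUsers " u; done = 1 }
        { print }
        END { if (!done) print "DenyUsers " u }' "$cfg" > "$tmp"
    cat "$tmp" > "$cfg"               # overwrite in place, keeping owner/mode
    rm -f "$tmp"
}

# install_pubkey HOME_DIR PUBKEY_FILE: append an OpenSSH-format public key to
# HOME_DIR/.ssh/authorized_keys with owner-only permissions. Run it as the
# target user, or chown the directory to that user afterwards.
install_pubkey() {
    local ssh_dir="$1/.ssh" key_file="$2"
    mkdir -p "$ssh_dir"
    touch "$ssh_dir/authorized_keys"
    # Skip the append if this exact key line is already present.
    grep -qxF -f "$key_file" "$ssh_dir/authorized_keys" ||
        cat "$key_file" >> "$ssh_dir/authorized_keys"
    chmod 700 "$ssh_dir"
    chmod 600 "$ssh_dir/authorized_keys"
}

# apply_sshd_change: restart sshd only if the edited config parses cleanly.
# Keep a second session open while running it so a bad change can be undone.
apply_sshd_change() {
    sudo sshd -t && sudo systemctl restart sshd
}
```

On the real host the calls would be `deny_user /etc/ssh/sshd_config ec2-user` (as root) followed by `apply_sshd_change`, after confirming the new user's key login works.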