By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Smart Card Authentication

0

Is it possible to implement Smart Card authentication in an EC2 instance? I would like to be able to use hardware tokens for access to the server via SSH. I know it can be done on bare metal, but is there a way to allow the EC2 instance to read from the USB device connected to my local computer. The closest solution I have found involves using Putty CaC to generate ssh keys, but that is not really integrated at the OS level.

Topics
ComputeSecurity, Identity, & ComplianceAWS Well-Architected Framework
Tags
Linux ProvisioningSecurity, Identity, & ComplianceAmazon EC2Security
Language
English
Mike H
asked 10 months ago373 views
1 Answer
0

Hi, You may want to follow those guidelines to use MFA via EC2 instances: https://aws.amazon.com/blogs/startups/securing-ssh-to-amazon-ec2-linux-hosts/

More recent similar guidance: https://www.middlewareinventory.com/blog/aws-mfa-ssh-ec2-setup/

Hope it helps!

Didier

profile pictureAWS
EXPERT
Didier_Durand
answered 10 months ago
  • Mike H
    10 months ago

    Didier, this will answer some of the requirement. The customer would really like for the solution to be PKI based so that revocation lists etc can be used.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content