- Newest
- Most votes
- Most comments
Before doing anything, it's advisable to spin up a throwaway EC2 to practise this on first, as if anything goes wrong you could find yourself unable to login using any account. Once you're confident you know the process, apply the steps to the host you want to work on for real.
The easiest way to deny SSH access for ec2-user is to add an entry for DenyUsers ec2-user to /etc/ssh/sshd_config and then restart the SSH service sudo systemctl restart sshd
https://linux.die.net/man/5/sshd_config
DenyUsers
This keyword can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that match one of the patterns.
Alternatively, you can remove the private key for ec2-user (on Amazon Linux, will be in /home/ec2-user/.ssh/authorized_keys ) and once there is no private key to match your public key, any attempted login with it will fail.
For part 2 you need to generate a new keypair in PuTTYgen (other tools are available, but you mention you're using PuTTY), then upload the private key to the Linux host. Convert it to OpenSSH format ssh-keygen -i -f puttygen_key > openssh_key and then append the contents of openssh_key to ~user/.ssh/authorized_keys and make sure the .ssh directory and the authorized_keys file are readable only by user.
If you get stuck, do a Google search for something like linux setup passwordless ssh and you will get pages and pages of helpful answers.
Relevant content
- Accepted Answerasked 2 years ago
- asked a year ago
AWS OFFICIALUpdated 5 months ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 2 years ago
