SSH key managment for many users

Hi,

I need to assign ssh key pairs to the EC2 instances for multiple IAM users. So what i want to have:

IAM users [user1,user2,user3], out of them [user1,user2] should have separate (each IAM user should have its own user in VM) SSH access to the [VM-1,VM-2] EC2 instances, and the [user3] should have access only to the [VM-3] instance.

Do i need to generate ssh key pairs, create users inside the EC2 instance, assign permissions for those users - manually, and then also manually add those SSH pub keys in the EC2 instances? Or AWS has service that can do it automatically for me?

Joann

Topics

Security, Identity, & Compliance Compute

Tags

AWS Identity and Access Management Amazon EC2 Session Management

Language

English

Joann Babak

asked 2 years ago569 views

1 Answer

Newest
Most votes
Most comments

Accepted Answer

You can do that. But it's additional work that you have to do. However, check out Systems Manager Session Manager as it does a lot of the heavy lifting for you.

EXPERT

Brettski-AWS

answered 2 years ago

Joann Babak
2 years ago
Okay, by default session manager not using the SSH, so i did this https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-enable-ssh-connections.html , then i was able to get the SSH connection, but as i understood its SSH session over system manager session, so i have more questions 1) How i can automate adding ssh keys into the instances 2) Is there possibility to use pure SSH sessions?
Joann Babak
2 years ago
NVM, found this https://stackoverflow.com/questions/24409095/create-an-ec2-instance-with-multiple-key-pairs , apparently i will need to manually ( or in my case in docker-image ) add the pub keys.

Relevant content

Enter passphrase for key '/home/ec2-user/.ssh/lab-3-key - Cloud9, pcluster, FDS
Accepted Answer
Amazon-User-25
asked 2 years ago
How to connect to AWS EC2 instance if lost SSH key pair
Accepted Answer
rePost-User-1944103
asked a year ago
SSH key managment for multiple accounts
Accepted Answer
Joann Babak
asked 2 years ago
Key Pair Needed For Instance id -i-0bd058a5844e262e7
AWS Problem
asked 22 days ago
How do I turn on SSH public key authentication for the fsxadmin user on my FSx for ONTAP file system?
AWS OFFICIALUpdated 7 months ago
How can I connect to my Amazon EC2 instance if I lost my SSH key pair after its initial launch?
AWS OFFICIALUpdated 2 years ago
How do use PuTTY or Filezilla to connect to my Lightsail instance if I lost the SSH key pair?
AWS OFFICIALUpdated a month ago
How can I use a single SSH key pair for all my AWS Regions?
AWS OFFICIALUpdated 3 years ago
AWS Transfer Family announces multiple methods to authenticate SFTP users
EXPERT
AWSTransferFamily-SY
published 8 months ago
Announcing support for multiple host keys and key types for AWS Transfer Family servers
EXPERT
sagarb-aws
published 2 years ago