Before doing anything, it's advisable to spin up a throwaway EC2 to practise this on first, as if anything goes wrong you could find yourself unable to log in using any account. Once you're confident you know the process, apply the steps to the host you want to work on for real.
The easiest way to deny SSH access for ec2-user is to add an entry for DenyUsers ec2-user to /etc/ssh/sshd_config and then restart the SSH service with sudo systemctl restart sshd
https://linux.die.net/man/5/sshd_config
DenyUsers
This keyword can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that match one of the patterns.
Alternatively, you can remove the private key for ec2-user (on Amazon Linux, it will be in /home/ec2-user/.ssh/authorized_keys) and once there is no private key to match your public key, any attempted login with it will fail.
For part 2 you need to generate a new keypair in PuTTYgen (other tools are available, but you mention you're using PuTTY), then upload the private key to the Linux host. Convert it to OpenSSH format with ssh-keygen -i -f puttygen_key > openssh_key and then append the contents of openssh_key to ~user/.ssh/authorized_keys and make sure the .ssh directory and the authorized_keys file are readable only by user.
If you get stuck, do a Google search for something like linux setup passwordless ssh and you will get pages and pages of helpful answers.
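An added example, not part of the original answer: one way to apply the DenyUsers change so that a bad edit cannot lock you out. The function name deny_ssh_user and its optional third argument (the command used to check the file, defaulting to sshd -t -f) are hypothetical names chosen for this sketch.

```shell
#!/bin/sh
# Added example (not from the original answer).
# Usage: deny_ssh_user USER [CONFIG] [CHECK_COMMAND]
#   CONFIG defaults to /etc/ssh/sshd_config
#   CHECK_COMMAND defaults to "sshd -t -f" (syntax test of the given file)
deny_ssh_user() {
    user=$1
    conf=${2:-/etc/ssh/sshd_config}
    check=${3:-sshd -t -f}
    [ -n "$user" ] && [ -f "$conf" ] || return 2

    # Idempotent: do nothing if a DenyUsers line already names this user.
    if grep -Eiq "^[[:space:]]*DenyUsers[[:space:]]+(.*[[:space:]])?${user}([[:space:]]|\$)" "$conf"; then
        return 0
    fi

    # Keep a copy so the change can be undone.
    backup="$conf.bak.$$"
    cp -p "$conf" "$backup" || return 1

    # Write the directive as the first line so it stays in the global
    # section; a line appended at the end of the file would fall inside
    # the last "Match" block if the file has one.
    { printf 'DenyUsers %s\n' "$user"; cat "$backup"; } > "$conf"

    # Check the edited file before any restart; restore the copy if the
    # check fails, so a later restart still uses a working configuration.
    if ! $check "$conf"; then
        cp -p "$backup" "$conf"
        return 1
    fi
    return 0
}
```

Run it as root (for example `deny_ssh_user ec2-user`), then restart with sudo systemctl restart sshd and confirm a login as another user from a second terminal before closing the session you are in.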