Originally Posted by unclesamcrazy
Can I make this pem file for my local CentOS server so I do not need to give password to each user. I will give the pem file and user will be inside centOS in their account.
Under NO conditions would I do this. You compromise your entire server by exposing your AWS .pem file to each user.
What I do is create a new ssh key for each user and stick the contents of each user's key.pub into each users home/.ssh directory
You may have to make this directory and file.
give out that .pem file. EVER.
give out your aws_access_key OR aws_secret_key contents to anyone you don't trust either.
You can generate keys for each "user" on any machine using
ssh-keygen -f /path/to/safe/directory/user1-id_rsa -t rsa -N '' -q
can be Bob, Carol, Ted, or Alice usernames on the Amazon instance.
then copy the [Bob,Carol,Ted.Alice].pub
contents of each user's key to each user's home/$user/.ssh/authorized_keys file
Make sure that authorized_keys is owned by each user and is chmod'd 600
You can even do this for root. I would, just to keep the .pem file safe.
Give [Bob,Carol,Ted.Alice] key (not the .pub extension) to Bob,Carol,Ted and Alice and they stick the key in their local machine's .ssh directory and use it in a similar manner as the pem you shown here...
ssh -qi /path/to/key user@ip_of_instance
IF you have an EIP associated with the instance and you'll need one for public assess.
ssh -i /path/to/key email@example.com
It's good practice and you'll need the experience if you're going to have "users".
You'll need to understand SecurityGroups
If you get stuck, you should read and bookmark http://docs.aws.amazon.com/gettingst...tro/intro.html
You can also send me an email to
lq at cirrhus9 dot com
that is el que, NOT eye queue
or I am subscribed with interest...