Understanding User Management on EC2 Instances

Introduction:

As the use of Amazon EC2 instances continues to grow, having a well-organized approach to managing users becomes essential. It not only boosts security but also makes day-to-day tasks much easier. Let's jump into the basics of user management.

Steps to follow:

1. Connect to Your EC2 Instance Using SSH:

SSH (Secure Shell) is a cryptographic network protocol that allows you to securely access remote servers, like your EC2 instance. Follow these steps to connect:

Step 1: Get Your Private Key Ready:

You should have received a private key file (usually a .pem file) when you created your EC2 instance. This private key is used to authenticate your connection.

Step 2: Open a Terminal:

On your local computer (the computer you're connecting from), open a terminal window. If you're using a Mac or Linux, you can use the built-in Terminal. If you're using Windows, you might need to use a tool like PuTTY or the Windows Subsystem for Linux (WSL).

Step 3: Set Appropriate Permissions for Your Private Key:

To ensure the security of your private key, set the permissions so that only you can read it:

chmod 400 path/to/your-private-key.pem

Replace path/to/your-private-key.pem with the actual path to your private key file.

We will look at chmod in more detail later.

Step 4: Connect to Your EC2 Instance:

Use the ssh command to initiate the SSH connection. Replace the placeholders with your actual information:

ssh -i path/to/your-private-key.pem ec2-user@your-instance-ip

  • Replace path/to/your-private-key.pem with the actual path to your private key file.

  • Replace ec2-user with the appropriate username for your EC2 instance. For Amazon Linux instances, this is usually ec2-user.

  • Replace your-instance-ip with the actual IP address or hostname of your EC2 instance.

Press Enter to execute the command.

Step 5: Accept the Remote Host Key:

The first time you connect to a new server, SSH will ask you to confirm the authenticity of the host by displaying a fingerprint. Verify that this fingerprint matches the expected fingerprint for your EC2 instance, then type "yes" to continue.

Step 6: You're In!

After accepting the remote host key, you should be connected to your EC2 instance via SSH. You'll see a command prompt that indicates you're on the remote server.

Note: If you encounter any issues connecting, double-check your private key's permissions, the correct username, and the IP address or hostname.

That's it! You're now connected to your EC2 instance using SSH, ready to perform various tasks and management operations. Remember to keep your private key secure and never share it with anyone.

2. Add a New User: Replace newusername with the desired username.

sudo adduser newusername

Follow the prompts to set a password and additional user information.

3. Grant Administrative Privileges (Optional): To allow the new user to perform administrative tasks, add them to the sudo group. This requires root access:

sudo usermod -aG sudo newusername

  • sudo: The "sudo" command stands for "superuser do" and is used to execute commands with elevated privileges (superuser or root). It allows authorized users to perform administrative tasks.

  • usermod: This command is used to modify user account properties. In this case, you're modifying group membership.

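  • -aG: The -a option appends the user to the groups listed after -G (the supplementary groups) while keeping the user's existing memberships. Without -a, -G replaces the user's current supplementary groups.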

  • sudo: This specifies the group to which you want to add the user. On most Debian-based systems, the group "sudo" is used to grant administrative privileges. This group enables users to run commands with elevated privileges using the sudo command.

  • newusername: Replace this with the actual username of the user you want to grant administrative privileges to.

So, when you run the command sudo usermod -aG sudo newusername, you're adding the user specified by newusername to the "sudo" group, which allows them to execute commands with administrative privileges using the sudo command.

4. Change Group Membership: To change a user's primary group:

sudo usermod -g newgroup newusername

5. Change Permissions for the User: You can modify file and directory permissions to grant access to the user. Use the chmod and chown commands to do so.

Example: Grant read, write, and execute permissions on a directory and its contents to the user:

sudo chmod -R u+rwx /path/to/directory
sudo chown -R newusername:newgroup /path/to/directory

6. Delete a User: To delete a user and their home directory:

sudo deluser --remove-home username

7. Revoke Administrative Privileges (Optional): If the user had administrative privileges, remove them from the sudo group:

sudo deluser newusername sudo
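
To confirm the result of steps 3, 4 and 7, the following added example (not part of the original post) lists every account that holds admin rights through group membership. It reads files in /etc/group and /etc/passwd format; the function names and sample accounts are constructed for illustration, and it also checks wheel, the equivalent admin group on Amazon Linux and other RHEL-family systems.

```shell
#!/bin/sh
# Added example: audit admin-group membership after usermod/deluser changes.
# Usage: admin_members [GROUP_FILE] [PASSWD_FILE]  (defaults: /etc/group /etc/passwd)
# Output lines: user:group:how   where how is "supplementary" or "primary".
admin_members() {
    group_file=${1:-/etc/group}
    passwd_file=${2:-/etc/passwd}
    awk -F: '
        # Group file: remember admin groups by GID and print the members
        # listed in field 4 (added with "usermod -aG").
        FILENAME == ARGV[1] {
            if ($1 == "sudo" || $1 == "wheel") {
                admin_gid[$3] = $1
                n = split($4, m, ",")
                for (i = 1; i <= n; i++)
                    if (m[i] != "") print m[i] ":" $1 ":supplementary"
            }
            next
        }
        # Passwd file: a user whose primary GID (field 4) is an admin group
        # (set with "usermod -g") is a member even though the group file
        # does not list them.
        ($4 in admin_gid) { print $1 ":" admin_gid[$4] ":primary" }
    ' "$group_file" "$passwd_file" | sort -u
}

# Constructed sample data (hypothetical accounts, not from a real host).
write_sample() {
    cat > "$1/group" <<'EOF'
root:x:0:
sudo:x:27:ubuntu,alice
developers:x:1002:alice,bob
EOF
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
ubuntu:x:1000:1000::/home/ubuntu:/bin/bash
alice:x:1001:1001::/home/alice:/bin/bash
bob:x:1002:27::/home/bob:/bin/bash
EOF
}

tmp=$(mktemp -d)
write_sample "$tmp"
admin_members "$tmp/group" "$tmp/passwd"
rm -rf "$tmp"
```

Run admin_members with no arguments on the instance to audit the live files. It covers group membership only; entries in /etc/sudoers and /etc/sudoers.d can grant sudo rights independently and should be reviewed separately.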

Note: These instructions are generally applicable to Linux-based EC2 instances. If you are using Windows-based instances, the process will be different, involving PowerShell and other Windows-specific commands.

Now that you've mastered the art of user management on EC2 instances, you're ready to take on the challenges of cloud computing with confidence. Secure, organized, and empowered, you're on your way to maximizing the potential of your Amazon EC2 environment.


Keep Learning...