在Amazon服务器里管理用户

转载：http://utkarshsengar.com/2011/01/manage-multiple-accounts-on-1-amazon-ec2-instance/

Step 0. Login by default user,“ec2-user”:

1	static-9:ec2_thelostlogbook utkarsh$ ssh -i my_key.pem ec2-user@111.111.11.111

Step 1. Create a new user, we will call ournew user “john”:

1	[ec2-user@ip-11-111-111-111 ~]$ sudo adduser john

Set password for “john” by:

1 2	[ec2-user@ip-11-111-111-111 ~]$ sudo su  [root@ip-11-111-111-111 ec2-user]$ passwd john

Add “john” to sudoer’s list by:

1	[root@ip-11-111-111-111 ec2-user]$ visudo

and add this to the last line:

1	john   ALL = (ALL)    ALL

Alright! We have our new user created, now youneed to generate the key file which will be needed to login, likewe have my_key.pem in Step 0.

Now, exit and go back to ec2-user, out ofroot.

Step 2. Creating the public and privatekeys:

1	[ec2-user@ip-11-111-111-111 ~]$ su john

Enter the password you created for “john” inStep 1.

1 2 3 4 5 6 7

[john@ip-11-111-111-111 ec2-user]$ cd /home/john/  [john@ip-11-111-111-111 ~]$ ssh-keygen -b 1024 -f john -t dsa  [john@ip-11-111-111-111 ~]$ mkdir .ssh  [john@ip-11-111-111-111 ~]$ chmod 700 .ssh  [john@ip-11-111-111-111 ~]$ cat john.pub > .ssh/authorized_keys  [john@ip-11-111-111-111 ~]$ chmod 600 .ssh/authorized_keys  [john@ip-11-111-111-111 ~]$ sudo chown john:ec2-user .ssh

In the above step, john is the user we createdand ec2-user is the default user group.

1	[john@ip-11-111-111-111 ~]$ sudo chown john:ec2-user .ssh/authorized_keys

Step 3. Now you just need to download the keycalled “john”

I use scp todownload/upload files from EC2, here is how you can doit:

You will still need to copy the file usingec2-user, since you only have the key for that user name. So, youwill need to move the key to ec2-user folder and chmod it to777.

1 2	[john@ip-11-111-111-111 ~]$ sudo cp john /home/ec2-user/  [john@ip-11-111-111-111 ~]$ sudo chmod 777 /home/ec2-user/john

Now come to local machine’s terminal, whereyou have my_key.pem file and do this:

1	static-9:ec2_thelostlogbook utkarsh$ scp -i my_key.pem ec2-user@111.111.11.111:/home/ec2-user/john john

The above command will copy the key “john” tothe present working directory on your local machine. Once you havecopied the key to your local machine, you should delete“/home/ec2-user/john”, since it’s a private key.

Now, one your local machine chmod john to600.

1	static-9:ec2_thelostlogbook utkarsh$ chmod 600 john

Step 4. Time totest your key:（111.111.11.111为服务器的IP）

1	static-9:ec2_thelostlogbook utkarsh$ ssh -i john john@111.111.11.111

So, in this manner, you can setup multipleusers to use one EC2 instance!!