Add new user to EC2 Instance
Connect to Your EC2 Instance
Make sure you have the private key (.pem
file) that matches the EC2 instance. Connect to your instance using SSH:
ssh -i /path/to/your-key.pem admin@your-ec2-ip-address
Note: For Debian-based AMIs, the default username is often admin
or debian
. Adjust as needed.
Create a New User
Once you're logged into the machine, you can create a new user using the adduser
command:
sudo adduser username
Replace username
with the desired user name. Follow the prompts to set a password and other details for the new user.
Add the New User to the Sudo Group
On Debian systems, users that are members of the sudo
group are allowed to execute commands with superuser privileges. Add your new user to the sudo
group:
sudo usermod -aG sudo username
Again, replace username
with the name of the user you created.
Verify the Sudo Permissions
To ensure that your new user has sudo access, switch to that user and try executing a command with sudo:
su - username
sudo ls -la /root
If everything was set up correctly, the ls
command should list the contents of the root user's home directory without any errors. It will prompt for the password of username
.
if you want the new user to authenticate with an SSH key pair (which is a good practice for EC2 instances), you should set that up as well. Here's how to do it:
On Your Local Machine
Generate an SSH key pair for the new user:
ssh-keygen -t rsa -b 4096 -f /path/to/new_key
This command will generate two files: /path/to/new_key
(the private key) and /path/to/new_key.pub
(the public key). Ensure the private key is kept secure.
Back on the EC2 Instance
Switch to the new user:
su - username
Create the .ssh
directory and set its permissions:
mkdir ~/.ssh
chmod 700 ~/.ssh
Create or edit the ~/.ssh/authorized_keys
file:
nano ~/.ssh/authorized_keys
Paste the contents of /path/to/new_key.pub
(from your local machine) into this file. Save and close the file.
Set the appropriate permissions for the authorized_keys
file:
chmod 600 ~/.ssh/authorized_keys
Exit back to the original user:
exit
Connect as the New User from Your Local Machine
Now, you should be able to SSH into the EC2 instance as the new user using the new private key:
ssh -i /path/to/new_key username@your-ec2-ip-address
By following these steps, the new user will authenticate using their private key (new_key
) rather than a password. This method is more secure for remote connections.
Last updated
Was this helpful?