Access EC2 Linux box over ssh without .pem file


You may find yourself needing to access your EC2 instance from any machine, not necessarily your own. It’s a pain to carry around your .pem file, and a bad idea to leave it on someone else’s machine. Here’s a way to log in to your instance with a password instead. Please be aware that this is less secure than using keys (thanks rnhurt for pointing this out), so be sure to create a strong password.

Log in to your EC2 instance using your .pem file:

$ ssh -i your_pem_file.pem ubuntu@ec2-________.compute-1.amazonaws.com

Create a new user that will access the instance using a password:

$ sudo useradd -s /bin/bash -m -d /home/USERNAME  -g root USERNAME

where:

  • -s /bin/bash : use /bin/bash as the standard shell
  • -m -d /home/USERNAME : create a home directory at /home/USERNAME
  • -g root : set root as the user’s primary group (sudo rights come from the sudoers entry below, not from this group)
  • USERNAME : the username of the new user

Create a strong password for the new user:

$ sudo passwd USERNAME
Enter new UNIX password:
Retype new UNIX password:

Add the user to the sudoers file: run sudo visudo and add the following line:

USERNAME  ALL=(ALL:ALL) ALL

Enable password authentication by editing /etc/ssh/sshd_config: change PasswordAuthentication no to PasswordAuthentication yes.

Restart ssh:

$ sudo /etc/init.d/ssh restart

Log out of your instance (exit) and try your new login without the .pem file:

$ ssh USERNAME@ec2-________.compute-1.amazonaws.com
USERNAME@ec2-________.compute-1.amazonaws.com's password:
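
The sshd_config step above turns password login on for every account. As an added example (not part of the original post), this script keeps the global setting at no and appends a Match User block so only the new user can log in with a password. The function names are made up for this example, and it assumes a single config file with no Include drop-ins.

```sh
#!/bin/sh
# Added example (not from the original post). Operates on one config file;
# Include directives and sshd_config.d drop-ins are not followed (assumption).

# Print the global PasswordAuthentication value: the first such keyword before
# any Match block (sshd keeps the first value it reads; the default is "yes").
global_password_auth() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "passwordauthentication" { print tolower($2); found = 1; exit }
         END { if (!found) print "yes" }' "$1"
}

# Succeed if the file already has a "Match User <user>" block.
has_match_user() {
    awk -v u="$2" 'tolower($1) == "match" && tolower($2) == "user" && $3 == u { f = 1 }
                   END { exit !f }' "$1"
}

# Append a Match block enabling passwords for one user only. Idempotent.
# Match blocks run to the next Match or end of file, so it goes last.
scope_password_auth() {
    cfg=$1 user=$2
    has_match_user "$cfg" "$user" && return 0
    printf '\nMatch User %s\n    PasswordAuthentication yes\n' "$user" >> "$cfg"
}

# Demo on a constructed config; the real file is /etc/ssh/sshd_config.
demo() {
    tmp=$(mktemp)
    printf '%s\n' 'Port 22' '#PasswordAuthentication yes' \
        'PasswordAuthentication no' 'UsePAM yes' > "$tmp"
    scope_password_auth "$tmp" USERNAME
    scope_password_auth "$tmp" USERNAME   # second call changes nothing
    echo "global: $(global_password_auth "$tmp")"
    grep -c '^Match User USERNAME$' "$tmp"
    rm -f "$tmp"
}
demo
```

After changing the real file, run sudo sshd -t to check the syntax before restarting ssh, and keep the key-based session open until the new login works.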