[LINUX] Setting up a new user and authentication key when the ssh-copy-id command fails on EC2 etc.

The ssh-copy-id command is one you see in many places ...

You can only use it when another authentication method, such as password authentication, is enabled. I get this error:

ssh-copy-id -i ~/.ssh/key_taiyo.pub [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/taiyo/.ssh/key_taiyo.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]: Permission denied (publickey).

If the only credential you have by default is a .pem authentication key, as on AWS EC2 or Lightsail, you need another method. I'll just write it manually. It's easy.

Rough flow: Preparation ~ Remote installation ~ sshd restart

1. Create a key pair on your local machine
2. Create the user on the remote side
3. Create the user's ~/.ssh folder
4. Set up the public key
5. Restart sshd

Preparation:

# Preparation: create a key pair on the local machine
ssh-keygen -f ~/.ssh/key_taiyo -t rsa

# Preparation: register the key file with ssh-agent on the local machine
ssh-add ~/.ssh/key_taiyo

# Preparation: check the contents of the public key (pasted on the remote side over ssh later)
cat ~/.ssh/key_taiyo.pub

# Caution: the ssh-copy-id command requires password authentication once, which is vulnerable, so do not use it over the net.
# Googling will turn up a method that temporarily sets "PasswordAuthentication yes", but it is not recommended.

On the remote side

# Create the user
adduser taiyo

# Switch to the user
su taiyo

# Create the .ssh directory
mkdir ~/.ssh

# Paste the contents of the .pub file into this file as is
nano ~/.ssh/authorized_keys

# Restart sshd (needs a sudo-capable user such as the default ubuntu user; taiyo is not a sudoer yet)
sudo systemctl restart sshd
# If you get an error, you may need to set permissions
chmod 700 ~/.ssh
chmod 600 ~/.ssh/*

This allows remote login with the user and key pair of your choice.

You can remove the default ubuntu user. After that, configure the new user as your work requires, for example by adding it to sudoers.

The working environment is macOS 10.15.3 and the remote is Ubuntu 18.04, but I think it is common to most *nix systems.
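The remote-side key installation above can also be scripted so that the pasted line is checked and the permissions are set before the first login attempt. This is an added example, not code from the original post; `install_pubkey` and `SAMPLE_KEY` are hypothetical names, and the sample key line is constructed.

```bash
#!/usr/bin/env bash
# Added example. install_pubkey is a hypothetical helper, not part of OpenSSH.
# Run it as the new user on the remote side (after "su taiyo").

# Constructed sample line in the shape of key_taiyo.pub; not a usable key.
SAMPLE_KEY='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCONSTRUCTEDSAMPLE0000 taiyo@example'

install_pubkey() {
    home_dir=$1
    pubkey=$2
    newline='
'
    # Accept exactly one line of the form "<type> <base64> [comment]".
    # Rejects empty input, multi-line pastes and private key files.
    # Only the common key types are listed here.
    case $pubkey in
        *"$newline"*) echo "refusing multi-line input" >&2; return 1 ;;
    esac
    if ! printf '%s\n' "$pubkey" | grep -Eq \
        '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,3}( .*)?$'
    then
        echo "not an OpenSSH public key line" >&2
        return 1
    fi

    ssh_dir=$home_dir/.ssh
    auth_file=$ssh_dir/authorized_keys

    # Create both with owner-only permissions, then enforce the modes the
    # page sets by hand (700 on the directory, 600 on the file).
    (umask 077 && mkdir -p "$ssh_dir" && touch "$auth_file") || return 1
    chmod 700 "$ssh_dir" || return 1
    chmod 600 "$auth_file" || return 1

    # Append only if this exact line is not already present, so a second
    # run does not duplicate the entry.
    if ! grep -qxF -- "$pubkey" "$auth_file"; then
        printf '%s\n' "$pubkey" >> "$auth_file"
    fi
}

# Usage on the remote host: install_pubkey "$HOME" '<pasted contents of key_taiyo.pub>'
```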
