Generate Ssh Key Mac For Aws

  1. Generate Ssh Key Mac For Aws Account
  2. Generate Ssh Key Mac For Aws Pc
  3. Generate Ssh Key Osx
  4. Generate Ssh Key Mac For Aws Server

SSH and Linux, macOS, or Unix: Set Up the Public and Private Keys for Git and CodeCommit From the terminal on your local machine, run the ssh-keygen command. Run the following command to display the value of the public key file. Sign in to the AWS Management Console and open the IAM console. Login to the AWS EC2 console and select Key Pairs in the left sidebar On the next page, click the Create Key Pair button Give the new key a name, then click the create button Download the new key, and then chmod it to 0666. Use the ssh-keygen command to generate SSH public and private key files. By default, these files are created in the /.ssh directory. You can specify a different location, and an optional password (passphrase) to access the private key file. If an SSH key pair with the same name exists in the given location, those files are overwritten.

I want to add new user accounts that can connect to my Amazon Elastic Compute Cloud (Amazon EC2) Linux instance using SSH. How do I do that?

Generate Ssh Key Mac For Aws Account

Short Description

Every Amazon EC2 Linux instance launches with a default system user account with administrative access to the instance. If multiple users require access to the instance, it's a security best practice to use separate accounts for each user.

You can expedite these steps by using cloud-init and user data. For more information, see How can I give a user permissions to connect to my EC2 Linux instance using SSH?

Resolution

Create a key pair for the new user account

  • Create a key pair, or use an existing one, for the new user.
  • If you create your own key pair using the command line, follow the recommendations at create-key-pair or New-EC2KeyPair Cmdlet for key type and bit length.
  • If you create your own key pair using a third-party tool, be sure that your key matches the guidelines at Importing Your Own Public Key to Amazon EC2.
Generate ssh key windows

Add a new user to the EC2 Linux instance

1. Connect to your Linux instance using SSH.

2. Use the adduser command to add a new user account to an EC2 instance (replace new_user with the new account name). The following example creates an associated group, home directory, and an entry in the /etc/passwd file of the instance:

Note: If you add the new_user to an Ubuntu instance, include the --disabled-password option to avoid adding a password to the new account:

3. Change the security context to the new_user account so that folders and files you create have the correct permissions:

Note: When you run the sudo su - new_user command, the name at the top of the command shell prompt changes to reflect the new user account context of your shell session.

Mac os generate ssh key

4. Create a .ssh directory in the new_user home directory:

5. Use the chmod command to change the .ssh directory's permissions to 700. Changing the permissions restricts access so that only the new_user can read, write, or open the .ssh directory.

6. Use the touch command to create the authorized_keys file in the .ssh directory:

7. Use the chmod command to change the .ssh/authorized_keys file permissions to 600. Changing the file permissions restricts read or write access to the new_user.

Retrieve the public key for your key pair

Retrieve the public key for your key pair using the method that applies to your configuration:

Verify your key pair's fingerprint

After you import your own public key or retrieve the public key for your key pair, follow the steps at Verifying Your Key Pair's Fingerprint.

Update and verify the new user account credentials

After you retrieve the public key, use the command shell session that is running under the context of the new user account to confirm that you have permission to add the public key to the .ssh/authorized_keys file for this account:

1. Run the Linux cat command in append mode:

2. Paste the public key into the .ssh/authorized_keys file and then press Enter.

Note: For most Linux command line interfaces, the Ctrl+Shift+V key combination pastes the contents of the clipboard into the command line window. For the PuTTY command line interface, right-click to paste the contents of the clipboard into the PuTTY command line window.

3. Press and hold Ctrl+d to exit cat and return to the command line session prompt.

(Optional) Allow the new user to use sudo

Note: If you don't want to allow the new user to use sudo, proceed to Verify that the new user can use SSH to connect to the EC2 instance.

1. Use the passwd command to create a password for the new user:

Note: You're prompted to reenter the password. Enter the password a second time to confirm it.

2. Add the new user to the correct group.

For Amazon Linux, Amazon Linux 2, RHEL, and CentOS:

Use the usermod command to add the user to the wheel group.

For Ubuntu:

Use the usermod command to add the user to the sudo group.

Verify that the new user can use SSH to connect to the EC2 instance

1. Verify that you can connect to your EC2 instance when using ssh as the new_user by running the following command from a command line prompt on your local computer:

To connect to your EC2 Linux instance using SSH from Windows, follow the steps at Connecting to Your Linux Instance from Windows Using PuTTY.

2. After you connect to your instance as the new_user by using SSH, run the id command from the EC2 instance command line to view the user and group information created for the new_user account:

The id command returns information similar to the following:

3. Distribute the private key file to your new user.

Related Information

Anything we could improve?

Need more help?

Related Videos

Joel shows you how to manage user accounts on your Amazon EC2 Linux instance (5:47)

PuTTYgen is a key generator tool for creating pairs of public and private SSH keys. It is one of the components of the open-source networking client PuTTY. Although originally written for Microsoft Windows operating system, it is now officially available for multiple operating systems including macOS, Linux. PuTTYgen.exe is the graphical tool on Windows OS. While on the other side, Linux OS has the only command-line version could be accessible using SSH commands.

  • 1 Download PuTTYgen
    • 1.1 Download PuTTYgen on Windows
    • 1.2 Download PuTTYgen for Mac
    • 1.3 Download PuTTYgen for Ubuntu/Linux
      • 1.3.3 Types of Keys Supported on PuTTYgen

Puttygen aka Putty Key Generator

The key generation utility – PuTTYgen can create various public-key cryptosystems including Rivest–Shamir–Adleman (RSA), Digital Signature Algorithm (DSA), Elliptic Curve Digital Signature Algorithm (ECDSA), and Edwards-curve Digital Signature Algorithm (EdDSA) keys.

The aforementioned public-key cryptosystems principally focus on secure data transmission and digital signatures.

Although PuTTYgen collects keys in its native file format i.e. .ppk files, the keys can easily be converted to any file format. For Windows, the software interface is PuTTYgen.exe, whereas, for Linux OS the command-line adaptation is available using SSH commands.

How to use PuTTYgen?

PuTTYgen is used to generate public or private key pair for creating SSH keys. Below is the complete guidance about how to generate RSA key in the Windows operating system:

  1. Once you install the PuTTY on your machine, you can easily run PuTTYgen. For the same, go to Windows -> Start Menu -> All Programs -> PuTTY -> PuTTYgen.
  2. You will see the PuTTY key generator dialog box on your screen
  3. You will find a “Generate” button in that dialog. Clicking on it will lead to generating the keys for you.
  4. Now you will need to add a unique key passphrase in the Key passphrase and Confirm passphrase field.
  5. Click on the “Save Public Key” and “Save Private Key” buttons to save your public and private keys.
  6. You will see the text starting with ssh-RSA in the Public key for pasting into OpenSSH authorized_keys file field which is located at the top of the window. Copy that entire text to your clipboard by pressing ctrl+c as you will require the key to paste on your clipboard in the public key tool of control panel or directly on the cloud server.

Various Ways to Use RSA Key Pair

RSA key pair generated through PuTTYgen is used in two various ways defined as below:

  1. To assign while creating a new cloud server
    You can choose the public key from the given list of keys at the time of creating a cloud server. If you don’t find your key in that list, then first add and then assign it.
  2. Assign to an existing cloud server
    At the time of connecting to the cloud server, first of all, you need to tell PuTTY to use it for utilizing your newly created RSA key pair.

PuTTYgen being a component of the terminal emulator PuTTY does not have to be downloaded separately, hence, comes with the PuTTY .msi installation package. You can follow the simple steps to download PuTTYgen software for your system. That is the reason why you don’t need to download PuTTYgen separately. Once you download PuTTY software, you will be able to install and run PuTTYgen easily in no time. Below is the complete instruction about how to download and install PuTTY on Windows.

Apart from that, it is also integrated into third-party programs such as WinSCP installation package. Below you can find a complete PuTTYgen download and installation guide for all operating systems.

Download PuTTYgen on Windows

To download PuTTYgen the primary requisite is to acquire the copy of PuTTY installation package. For the 64-bit operating system, one must install the 64-bit version of PuTTY, i.e. putty-64bit-<version>-installer.msi.Similarly, for the 32-bit operating system, the respective 32-bit version of PuTTY, i.e. putty-<version>-installer.msi needs to be installed.

To get PuTTY, go to PuTTY Installation Download page, whereby the complete installation package will be available with setup instructions, installation guide, and download links to all other components of PuTTY such as putty.exe, pscp.exe, psftp.exe, puttytel.exe, plink.exe, pageant.exe and putty.zip.


Following the successful download of the PuTTY installation package. It is time to install the program. Go to How to install PuTTY on Windows, whereby you will find the step by step guidance for PuTTY installation for Windows operating system.

After successfully downloading and installing PuTTY on your Windows machine, you are just 2-3 clicks away to run PuTTYgen. Follow the below-given step by step guidance to run PuTTYgen:

Run PuTTYgen on Windows

To run PuTTYgen, Go to Windows -> Start Menu -> All Programs -> PuTTY -> PuTTYgen. You will see a window for the PuTTY Key Generator on your screen.

Voila! Now you can generate public or private key pair using PuTTYgen.

Download PuTTYgen for Mac


Below is the detailed guide to download PuTTYgen on Mac operating system. Mac OS has a built-in command-line SSH client known as Terminal. To utilize it, go to Finder and then opt for Go -> utilities from the top menu. After that find the terminal which supports SSH connections to remote servers.

However, to run PuTTYgen for mac, the first one must have to install PuTTY. There are multiple ways to install PuTTY, which are Homebrew or MacPorts. Both alternatives will also install the command-line of adaptations of PuTTYgen.

Ported PuTTY for Mac

Mac has the port of PuTTY which can be installed in various ways described as below:

  1. Installation using Homebrew:
    First, install the ‘brew command line’ Once installed use the below-given command to install PuTTY:-
    sudo brew install putty
  2. Installation using MacPorts:
    First of all, one must install MacPorts and then use the command-line to install PuTTY. Here is the command to install PuTTY via MacPorts
    sudo port install putty
    Additionally, a user can also add a shortcut to the desktop by writing the following command line
    –cp /opt/local/bin/putty ~/Desktop/PuTTY

However, there is an alternative way to install PuTTY on Mac OS. Cyberduck is a widely used Mac OS SSH Client. Once PuTTY installed on the Mac OS, a user can convert PuTTY derived private key format to OpenSSH.

Generate Ssh Key Mac For Aws Pc

To convert the private key to standard PEM format, type the following command –

puttygen privatekey.ppk -O private-openssh -o privatekey.pem

You can also read the guide to convert .pem file to .ppk using puttygen.

Download PuTTYgen for Ubuntu/Linux

To download PuTTYgen for Ubuntu (Linux) operating system, a user to first install PuTTY. However, in some Linux distributions, the SSH key generation tool – PuTTYgen needs to be installed independently from the PuTTY client.

For example, Debian Linux requires the below-given code to install PuTTYgen:

sudo apt install putty-tools

Generate Key Pair for Authentication in Linux

To create the key pair for authentication in Linux use the below command:-

puttygen -t rsa -b 2048 -C 'user@host' -o keyfile.ppk

Various Command Line Options of PuTTY in Linux

Below are few important command line options in the Linux operating system for PuTTY:

Key

PuTTYgen [-t keytype [-b bits] [-q] | keyfile]
[-C new-comment] [-P]
[-O output-type | -p | -l | -L]
[-o output-file]

Options:

  1. Keyfile – It is the name of the existing key file to read at the time of changing the current key.
  2. t keytype – The command specifies the type of key to creating. Its acceptable values are RSA and dsa.rsa1.
  3. -b bits – This command specifies a total number of bit in a particular key. 1024 is the perfect size for DSA key, while 2048 or 4096 are the perfect size for RSA keys.
  4. q – The command suppresses the message about progress at the time of key generation.
  5. -C new-comment – The command will specify the comment to describe the key. It can be used for the new and/or existing key. Key operation is not affected by a comment. However, it is used to recognize the key owner, it’s not reliable completely as any value can be applied to it.
  6. –P – Using the command will update the passphrase of a key. Passphrase helps to encrypt the private key. As passphrase can’t add or update on a command line, it prompts a new passphrase tool to alter it.
  7. –old-passphrase-file – The old password of the key remains in this file. The command is used when the key is protected by a passphrase.
  8. –new-passphrase file – This command prompts the new passphrase of the key. It comes in the action either at the time of generating a new key or while applying –P command to change the passphrase.
  9. -O output-type – This command defines what to give in output. By default, the private key is the output.

Thus, above are the prominent commands of PuTTYgen in Linux operating system. Besides that, there are many other commands available to perform various tasks from the command prompt in Linux at flank speed.

Types of Keys Supported on PuTTYgen

It is important to know the types of key PuTTYgen supports prior to using it. Below are the key types that it currently supports for SSH-2 and SSH-1 protocol:-

Generate Ssh Key Osx

  • SSH-1 protocol:- For SSH-1 only supports one key i.e. Rivest–Shamir–Adleman (RSA)
  • SSH-2 protocol: – SSH-2 supports multiple key types that include – Digital Signature Algorithm (DSA), Elliptic Curve Digital Signature Algorithm (ECDSA) and Ed25519.

Generate Ssh Key Mac For Aws Server

The above description is a detailed brief on downloading and running PuTTYgen on all major operating systems. For further details please check the Download PuTTY page.