Ubuntu EC2 instance connect for Cli SSH with Azure-AD SSO or for traditional SSH access.

                    SETTING-UP EC2 INSTANCE CONNECT FOR CLI SSH ACCESS UBUNTU


There are different ways of gaining SSH access for EC2 instances here we will see SSH access for EC2 instance through Cli. This method best suits if you use Azure-AD SSO with AWS.

Setting up EC2 instance connect:

EC2 instance connect needs followings,

1. Amazon Linux 2 of any version  OR

2. Ubuntu 16.04 or later.


For Ubuntu:

First connect to your EC2 instance with Sudo access and become Sudo.

then update and upgrade your instance

sudo apt update -y && sudo apt upgrade -y

sudo apt install ec2-instance-connect -y

Now attach a policy like this to the IAM user in order to send the instance SSH key.

Replace the AWS-ACCOUNTID with your ID. You can also customise based on your need like access to certain instances. This role gives access to all instances in your account.


{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Sid": "VisualEditor0",

            "Effect": "Allow",

            "Action": "ec2-instance-connect:SendSSHPublicKey",

            "Resource": "arn:aws:ec2:us-east-1:AWS-AccountID:instance/*",

            "Condition": {

                "StringEquals": {

                    "ec2:osuser": [

                        "thuvaragesh"

                    ]

                }

            }

        }

    ]

}



For traditional SSH:

Now in your local system install AWS-Cli.

1. $ sudo apt-get update

2. $ sudo apt-get install awscli

3. check the version

$ aws --version

4. then configure aws-cli using

$ aws configure 

you can give your AWS details there and configure once done use the following  command to send your local computer ssh key to EC2 instance.


    aws ec2-instance-connect send-ssh-public-key \

    --instance-id i-0b35 \

    --availability-zone us-west-1c \

    --instance-os-user thuvaragesh \

    --ssh-public-key file://~/.ssh/my_rsa_key.pub

This will send your SSH key to EC2 instance and the output will be TRUE.




Now SSH using below command,

ssh -i ~/.ssh/my_rsa_key.pub thuvaragesh@3.95.175.19 -p 50


For Azure-AD SSO:

First install AWS-Azure-login you can refer here [https://hibern8e.blogspot.com/2020/12/azure-ad-integration-with-aws-for.html]


Now configure AWS-Azure-login using 

$ aws-azure-login



and provide all your Azure details. Then use the same command as above to send your SSH key to EC2 instance.

connect using SSH by,

ssh -i ~/.ssh/my_rsa_key.pub thuvaragesh@3.95.175.19 -p 50






Comments

Post a Comment

Popular posts from this blog

Azure AD login for linux and windows(on premise)

Image
                                  Azure AD login for linux and windows(on premise) In this blog I will explain how to login to your on-premise Linux and windows instances using your Azure AD credentials without any need of on-premise AD. First let us see how to do it in ubuntu: For ubuntu we will be using ADAL for nodejs for implementing this. You can get the code from the git-repo here, https://github.com/thuvarageshchiv/adal-for-linux.git  move to your home directory, $ cd ~ $ git clone https://github.com/thuvarageshchiv/adal-for-linux.git $ cd adal-for-linux/adal-auth-ubuntu/aad-login $ ./install.sh  [NAME of YOUR AZURE ACTIVE DIRECTORY] [APP CLIENT ID] Now before running the script we need details of the Azure AD name and native application client ID. To get your directory name just login to Azure active directory and switch to users and select...
Read more

Ubuntu 18.04 no audio error

                                                                   UBUNTU 18.04 NO AUDIO ERROR     I  am posting the fix which worked for me on Ubuntu 18.04. Permanent fix: sudo apt install alsa-tools-gui Run  hdajackretask Parser hints > jack_detect = no Apply now Install boot override Some times you get error while on Apply now like, /sys/class/soynd/hwC0D2/reconfig: device busy then kill the process like  $ sudo pkill pulseaudio Now reboot.
Read more

STATIC WEBSITE WITH AWS S3 AND CLOUD FRONT CDN

Image
                                   STATIC WEBSITE WITH AWS S3 AND CDN As the title says let us see how to setup static site with S3 and CDN for high delivery performance. S3: First login to your AWS console and navigate to S3 console, Create a S3 bucket in the same name as your website ex: cdn.example.com In the permission tab edit public access and make the bucket as public as below, Update the bucket policy as below which makes the bucket public, {     "Version": "2008-10-17",     "Id": "PolicyForPublicWebsiteContent",     "Statement": [         {             "Sid": "PublicReadGetObject",             "Effect": "Allow",             "Principal": {                 "AWS": "*"   ...
Read more