Aun Muhammad Raza

Reputation: 21

AWS Simple AD: SSH key-based authentication for Linux instances

We currently have OpenLDAP set up, and we upload new users' keys to LDAP so they are able to log in to our AWS EC2 Linux instances using these keys.

We are planning to migrate to AWS Simple AD. Does AWS Simple AD offer a feature for uploading SSH keys for new users and authenticating to Linux servers using the uploaded SSH key? Sorry, I couldn't find any definite answer on Google; any direct help will be much appreciated. Thanks!

Upvotes: 1

Views: 1482

Answers (1)

Stephen

Reputation: 3737

You can interact with SimpleAD in the same way you would with any LDAP server. You will need to be within the VPC, but the following code works (assuming you already have the user Test User created in the directory).

Example

/tmp/username.ldif

dn: CN=Test User,CN=Users,DC=ad,DC=example,DC=org
changeType: modify
add: objectClass
objectClass: ldapPublicKey

dn: CN=Test User,CN=Users,DC=ad,DC=example,DC=org
changeType: modify
add: sshPublicKey
sshPublicKey: ssh-rsa ....

ldbmodify --verbose --url "ldap://ad.example.org" --user "SIMPLEAD_USERNAME" --password 'SIMPLE_AD_PASSWORD' /tmp/username.ldif

This post details joining the realm and using it to auth the servers using sssd with AuthorizedKeysCommand.

https://github.com/localytics/chef-sssd/blob/master/GETTING_STARTED.md

Upvotes: 3
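An added example, not part of the answer above: a Python helper that generates the two LDIF records from the answer for a given DN and OpenSSH public key line. It rejects input that is multi-line, not valid base64, or whose declared key type does not match the key blob, so a pasted value cannot add extra LDIF lines. The function names and the all-zero sample key are constructed for illustration.

```python
import base64
import struct

def parse_openssh_pubkey(line):
    """Validate one OpenSSH public key line; return (type, base64 blob, comment)."""
    line = line.strip()
    if "\n" in line or "\r" in line:
        raise ValueError("public key must be a single line")
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) == 3 else ""
    blob = base64.b64decode(b64, validate=True)  # raises ValueError if not base64
    # The blob begins with a length-prefixed copy of the key type.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode("ascii"):
        raise ValueError("key type does not match key blob")
    return key_type, b64, comment

def ldif_attr(name, value):
    """One LDIF line; values that are not plain printable ASCII go out as base64."""
    raw = value.encode("utf-8")
    safe = (len(raw) > 0 and raw[0] not in b" :<" and raw[-1:] != b" "
            and all(0x20 <= b < 0x7F for b in raw))
    if safe:
        return f"{name}: {value}"
    return f"{name}:: {base64.b64encode(raw).decode('ascii')}"

def build_ldif(dn, pubkey_line):
    """Return the two modify records from the answer for one user and one key."""
    key_type, b64, comment = parse_openssh_pubkey(pubkey_line)
    key = " ".join(p for p in (key_type, b64, comment) if p)
    head = [ldif_attr("dn", dn), "changetype: modify"]
    rec1 = head + ["add: objectClass", "objectClass: ldapPublicKey"]
    rec2 = head + ["add: sshPublicKey", ldif_attr("sshPublicKey", key)]
    return "\n".join(rec1) + "\n\n" + "\n".join(rec2) + "\n"

def sample_key(comment="test@example"):
    """Constructed, unusable ed25519 key line (all-zero key material)."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode('ascii')} {comment}"

if __name__ == "__main__":
    print(build_ldif("CN=Test User,CN=Users,DC=ad,DC=example,DC=org", sample_key()))
```

The output can be written to a file such as /tmp/username.ldif and applied with the ldbmodify command from the answer.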
