The process is pretty simple. Let’s say you use an ssh key (.pem) file generated by Amazon. However, you use the same key on a few of your instances, and you’d like to allow a developer access to only one at a time.
To do that, you need to generate a custom ssh key for your developer to log into one machine:
- Generate a custom ssh key (private)
- Generate a public key
- Change permissions of the folders and ssh key files containing the newly generated keys on both your machine and the server
- Copy the public key to the target server's .ssh/authorized_keys file
```
# private key
openssl genrsa -des3 -out MyKey.pem

# public key
ssh-keygen -y -f MyKey.pem > abc.pub

# permissions
chmod 400 MyKey.pem
chmod 700 .ssh
chmod 600 .ssh/authorized_keys   # server side

# copy to server: append the public key to .ssh/authorized_keys (server side,
# run there once abc.pub has been transferred)
cat abc.pub >> .ssh/authorized_keys
```
That’s it! You should end up with keys that your developer can use on only the servers you allow.
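To confirm which keys actually open a given server after the steps above, and that the `chmod 700` / `chmod 600` modes are in place, here is a small audit script. It is an added example, not part of the original post; the function names are hypothetical, and the fingerprints it prints are in the same `SHA256:` form as `ssh-keygen -lf abc.pub`, so the developer's key can be matched and later removed.

```python
import base64, hashlib, os, stat, struct

def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint of a public key blob, formatted like `ssh-keygen -lf`."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_entry(line: str):
    """Return (key_type, fingerprint, comment), or None for blank/comment/invalid lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    tokens = line.split()
    # Options may precede the key type, so look for a (type, blob) pair whose
    # decoded blob really begins with that type name (uint32 length + name).
    for i in range(len(tokens) - 1):
        try:
            blob = base64.b64decode(tokens[i + 1], validate=True)
        except ValueError:
            continue
        name = tokens[i].encode()
        if blob[:4] == struct.pack(">I", len(name)) and blob[4:4 + len(name)] == name:
            return tokens[i], fingerprint(blob), " ".join(tokens[i + 2:])
    return None

def audit(ssh_dir: str):
    """Return (entries, problems) for ssh_dir/authorized_keys."""
    path = os.path.join(ssh_dir, "authorized_keys")
    problems = []
    # Expected modes are the ones set in the post: 700 on .ssh, 600 on the file.
    for target, want in ((ssh_dir, 0o700), (path, 0o600)):
        mode = stat.S_IMODE(os.stat(target).st_mode)
        if mode != want:
            problems.append(f"{target}: mode {mode:o}, expected {want:o}")
    with open(path) as fh:
        entries = [e for e in map(parse_entry, fh) if e]
    return entries, problems

if __name__ == "__main__":
    entries, problems = audit(os.path.expanduser("~/.ssh"))
    for key_type, fp, comment in entries:
        print(key_type, fp, comment or "(no comment)")
    for p in problems:
        print("WARNING:", p)
```

Run it on the server as the account the developer logs into; any fingerprint you do not recognise is a key that still grants access to that machine.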