Add a non root user to your AWS ec2 instance
When a new ec2 instance is created a default user ec2-user which has root access is created. If you are building a new server for an organization its always advisable to follow the principle of least privilege.
What if a disgruntled team member leaves the team on bad terms or the common private key is compromised ? We would be forced to generate a new ssh key and share it among all the team members which again comes with newer risks as the team grows.
As you would create a new IAM user on the AWS account for other 'non-admin' users to access, the best process to follow is to create additional users in the ec2 instance and generate a ssh key and share that to individual users.
There are other solutions to this issue, but this is the probably best-easy (think cost-benefit) solution. Ideally when you create an IAM user it would be for a team member, like a developer or admin role. Note that not all admins need to be root users. As the team grows or the application grows, the IAM groups, users and roles will grow with them. So its advised that the admins should get the initial setup and processes right.
Create a new user( can be same the IAM user) by using the adduser username command :
sudo adduser username
Then su into the new user :
sudo su – username
Generate a new ssh key :
ssh-keygen -N $USER -f ~/"$USER"_id_rsa
Make a directory called .ssh and set its permission to read – write for the new user :
mkdir .ssh
chmod 700 .ssh
Copy the contents of the public key to a new file named authorized_keys :
cat "$USER"_id_rsa.pub > .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
Share the private key securely to the new user.
You could copy these commands to a script under the user, eventually add more setup commands to the script as your app grows.