Create multiple sudo users to EC2 Amazon Linux



Suppose an organization of 5 people needs to access the same server. Sharing the same private key / password between users is not a good idea.

This post helps you create multiple users / accounts and generate a private key for each user.

Each Linux instance type launches with a default Linux system user account. The default users for the following Amazon instances are as follows.

Instance Type    User
Amazon Linux     ec2-user
RHEL5            root or ec2-user
Ubuntu           ubuntu
Fedora           fedora or ec2-user
SUSE Linux       root or ec2-user

If ec2-user and root don’t work, check with your AMI provider.

Two basic operations are needed to get this job done:

1) To add a new user to the system:

Use the adduser command with the name of the user you wish to create.
[ec2-user@ip-xxx-xx-xx-xxx ~]$ sudo adduser newuser

The above command adds the newuser account to the system (with an entry in the /etc/passwd file), creates a newuser group, and creates a home directory for the account in /home/newuser.

2) Remote access to newuser:

  1. Switch to the new account so that newly created files have the proper ownership.
     [ec2-user@ip-xxx-xx-xx-xxx ~]$ sudo su - newuser

  2. Create a .ssh directory for the authorized_keys file.
     [newuser@ip-xxx-xx-xx-xxx ~]$ mkdir .ssh

  3. Change the file permissions of the .ssh directory to 700 (this means only the file owner can read, write, or open the directory).
     [newuser@ip-xxx-xx-xx-xxx ~]$ chmod 700 .ssh

  4. Create a file named “authorized_keys” in the .ssh directory.
     [newuser@ip-xxx-xx-xx-xxx ~]$ touch .ssh/authorized_keys

  5. Change the file permissions of the authorized_keys file to 600 (this means only the file owner can read or write to the file).
     [newuser@ip-xxx-xx-xx-xxx ~]$ chmod 600 .ssh/authorized_keys

  6. Edit the authorized_keys file and paste in the public key of the generated public/private key pair. The private key stays with the user and is never copied to the server.

The public/private key pair can be created with PuTTY Key Generator.

At this point, you should be able to log in to the same EC2 instance as the new user, without any sudo permissions.
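The key-installation steps above as one repeatable function (an added example, not part of the original post). It refuses private keys and PuTTYgen's multi-line public-key export, because authorized_keys needs the one-line text PuTTYgen shows in its "Public key for pasting into OpenSSH authorized_keys file" box. The function names and the format check are assumptions of this example.

```shell
#!/bin/sh
# Added example. Run as the account owner (after "sudo su - newuser") so the
# files get that user's ownership.
#   install_pubkey HOME_DIR KEY_FILE   (both paths are supplied by the caller)
# Returns 0 on success, 2 if KEY_FILE is not a one-line OpenSSH public key.

is_openssh_pubkey() {
    # Private keys (OpenSSH/PEM or PuTTY .ppk) and PuTTYgen's multi-line
    # "SSH2 PUBLIC KEY" export must never end up in authorized_keys.
    if grep -Eq 'PRIVATE KEY|BEGIN SSH2 PUBLIC KEY|^PuTTY-User-Key-File' "$1"; then
        return 1
    fi
    # Exactly one non-empty line of the form "<type> <base64> [comment]".
    [ "$(grep -c . "$1")" -eq 1 ] || return 1
    grep -Eq '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( .*)?$' "$1"
}

install_pubkey() {
    home=$1
    keyfile=$2
    is_openssh_pubkey "$keyfile" || return 2
    mkdir -p "$home/.ssh" || return 1
    chmod 700 "$home/.ssh" || return 1          # owner-only directory
    auth=$home/.ssh/authorized_keys
    touch "$auth" || return 1
    chmod 600 "$auth" || return 1               # owner-only read/write
    key=$(grep . "$keyfile")
    # Append only when this exact line is absent, so re-running is harmless.
    grep -Fxq -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}
```

Typical use as newuser: `install_pubkey "$HOME" /tmp/newuser.pub`, where /tmp/newuser.pub is a hypothetical file holding the pasted public key.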

Assigning sudo permissions to newuser

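  1. Log in as ec2-user and switch to root.
     [ec2-user@ip-xxx-xx-xx-xxx ~]$ sudo su

  2. Open the sudoers list for editing with visudo.
     [root@ip-xxx-xx-xx-xxx ec2-user]# visudo

  3. Add this as the last line. It lets newuser run any command as any user through sudo without being asked for a password.
     newuser ALL=(ALL)NOPASSWD:ALL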
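Once several accounts have been set up this way, it helps to be able to list who holds this grant. The function below is an added example, not part of the original post: it scans sudoers-format files for rules that give NOPASSWD on ALL commands, including the exact spacing used above. The function name is an assumption of this example.

```shell
#!/bin/sh
# Added example. list_passwordless_root FILE...
# Prints "file:principal" for every rule that grants NOPASSWD on ALL commands.
list_passwordless_root() {
    awk '
        # Skip comment lines, blank lines and Defaults entries.
        /^[ \t]*#/ || /^[ \t]*$/ || /^[ \t]*Defaults/ { next }
        {
            rule = $0
            gsub(/[ \t]+/, "", rule)    # compare without spacing differences
            # "=(runas)NOPASSWD:ALL" with the runas part optional; a narrower
            # command list such as NOPASSWD:/usr/bin/foo does not match.
            if (rule ~ /=(\([^)]*\))?NOPASSWD:ALL(,|$)/) { print FILENAME ":" $1 }
        }
    ' "$@"
}
```

Run it as root, for example `list_passwordless_root /etc/sudoers /etc/sudoers.d/*`.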

Installation Guide of RabbitVCS in Ubuntu

If you are familiar with TortoiseSVN, which is used on Windows machines, RabbitVCS is its equivalent for Linux machines. You can install it using the Ubuntu Software Center, using a tar package, or using the PPA repository. My suggestion is to use the third option.

Prerequisite: python 2.7

You just have to follow these simple steps:

  1. Add the PPA repository:
     sudo add-apt-repository ppa:rabbitvcs/ppa

  2. Run the update command (as root; otherwise add sudo):
     apt-get update

  3. Install the following packages:
    • rabbitvcs-cli
    • rabbitvcs-core
    • rabbitvcs-gedit
    • rabbitvcs-nautilus3

     apt-get install rabbitvcs-cli rabbitvcs-core rabbitvcs-gedit rabbitvcs-nautilus3

Then kill all nautilus processes using the command:
killall nautilus

Check whether you can see the RabbitVCS item in your context menu by right-clicking on any folder. Sometimes you cannot see the RabbitVCS
item in your context menu; then check and libraries are present or not in directory /usr/lib.
If not, make a link using the commands below. These libraries may be present in /usr/lib/x86_64-linux-gnu and /usr/lib/i386-linux-gnu/.
for instance: ln -s /usr/lib/x86_64-linux-gnu/ /usr/lib/
ln -s /usr/lib/x86_64-linux-gnu/ /usr/lib/
ln -s /usr/lib/i386-linux-gnu/ /usr/lib/
ln -s /usr/lib/i386-linux-gnu/ /usr/lib/
Then either restart your machine or kill nautilus using the above command.

Note: Sometimes the RabbitVCS item does not appear in the context menu; in that case, just kill all nautilus processes.


vsftpd is a lightweight, highly stable, secure, and fast FTP server for Linux environments. vsftpd also supports virtual IPs, virtual users, bandwidth throttling, IPv6, encryption, etc.

This article provides step-by-step instructions to set up an FTP server on your Linux machine:


Install vsftpd:

sudo apt-get install vsftpd


Edit your vsftpd configuration file. You can find it at /etc/vsftpd.conf.

Uncomment the following option in the vsftpd.conf file:

anonymous_enable=YES (enables anonymous user login)



Restart vsftpd service:

sudo service vsftpd restart



Now you can access your FTP server on port 21.

Test your setup:

ftp localhost

For more configuration details, follow the link:

Here, you can find more description of vsftpd configuration parameters.

Change Default Port VSFTPD

The vsftpd default port is 21. If you want to change the default port to any other port, follow these steps:

Add the following options to vsftpd.conf:






Add a firewall rule that allows these passive ports. You can add it using iptables:

iptables -I INPUT -p tcp --destination-port 10090:10100 -j ACCEPT


Restart your vsftpd service after changing ports:

sudo service vsftpd restart





Add the following options in vsftpd.conf file to enable FTPS:



No need to create a certificate if openssl package is installed!

Restart your vsftpd service:

sudo service vsftpd restart



Both FTP and FTPS using vsftpd

If you want to run your FTP and FTPS servers simultaneously, you can achieve it by starting 2 vsftpd services.

1)      Copy /etc/vsftpd.conf to /etc/vsftpd-ssl.conf

2)      Edit and configure /etc/vsftpd-ssl.conf for the FTPS server.

3)      Save it.

4)      First start the vsftpd service (FTP):   sudo service vsftpd start

5)      Now, start the vsftpd service for FTPS:   sudo vsftpd /etc/vsftpd-ssl.conf
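With two configuration files in play, a quick check of what each one actually enables is useful before starting the services. This is an added example, not part of the original article: it reads a vsftpd.conf-style file and reports anonymous login, missing FTPS, and a passive range that differs from the 10090:10100 firewall rule above. The option names ssl_enable, pasv_min_port and pasv_max_port are vsftpd.conf options not shown on this page, and the function names are assumptions.

```shell
#!/bin/sh
# Added example. Firewall range taken from the iptables rule above.
FW_LO=10090
FW_HI=10100

# conf_get FILE KEY DEFAULT: value of KEY in a "key=value" file, or DEFAULT.
# Assumption: when a key is repeated, the last occurrence is the effective one.
conf_get() {
    v=$(awk -F= -v k="$2" '
        $1 == k { sub(/^[^=]*=/, ""); sub(/[ \t\r]+$/, ""); val = $0; hit = 1 }
        END { if (hit) print val }' "$1")
    printf '%s\n' "${v:-$3}"
}

# is_on VALUE: true for the spellings treated here as "enabled" (assumed set).
is_on() {
    case $1 in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|1) return 0 ;; esac
    return 1
}

# audit_vsftpd FILE: print one finding per line, return 1 if there are any.
audit_vsftpd() {
    rc=0
    anon=$(conf_get "$1" anonymous_enable YES)   # built-in default is YES
    ssl=$(conf_get "$1" ssl_enable NO)           # built-in default is NO
    lo=$(conf_get "$1" pasv_min_port 0)          # 0 means "any port"
    hi=$(conf_get "$1" pasv_max_port 0)
    if is_on "$anon"; then
        echo "$1: anonymous login is enabled"; rc=1
    fi
    if ! is_on "$ssl"; then
        echo "$1: ssl_enable is off (plain FTP, credentials in cleartext)"; rc=1
    fi
    if [ "$lo" != "$FW_LO" ] || [ "$hi" != "$FW_HI" ]; then
        echo "$1: passive range $lo-$hi does not match firewall $FW_LO-$FW_HI"; rc=1
    fi
    return "$rc"
}
```

Run it against both files, for example `audit_vsftpd /etc/vsftpd.conf; audit_vsftpd /etc/vsftpd-ssl.conf`.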


— Sharad Sinha