SSH to AWS EC2 private server without sharing SSH key with team

Managing SSH server access for AWS EC2 server running in AWS VPC private subnet has its own challenges. Traditionally, people do SSH agent forwarding while doing SSH to AWS EC2 server running in AWS VPC private subnet, but with known potential security risks. In this blog post, you will learn how to SSH to AWS EC2 server running in AWS VPC private subnet, without sharing SSH key with the team using SloopEngine. It is recommended to know the potential security risks involved in sharing SSH keys with the team when providing SSH server access. With SloopEngine, you can totally avoid SSH agent forwarding, therefore, ensuring maximum security. Let's see how to do it.

Do a quick search across the internet, to know more on security risks involved in SSH agent forwarding.

Configure AWS EC2 security group

To allow SSH connection from SloopEngine, you need to write an inbound rule on your AWS EC2 security group to whitelist SloopEngine Gateway IP's. Check out the AWS EC2 documentation to know how to manage security groups.

Download SSH key pair from AWS EC2 console

Create new SSH key pair from AWS EC2 console. Once the SSH key pair is created, the private SSH key will be automatically downloaded to your machine, but the public SSH key won't. But you have to retrieve the public SSH key using the downloaded private SSH key with the help of AWS EC2 documentation. Then you must add an Identity to your SloopEngine Account, where you have to copy and paste the contents of private and public SSH key.

You cannot download the public SSH key directly from AWS EC2 console.

Boot AWS EC2 server on AWS VPC public subnet

First, you have to boot an AWS EC2 server within AWS VPC public subnet, which serves as SSH bastion host. Make sure you properly attach correct SSH key pair with this AWS EC2 server. Below are the list of things to be done, once its up and running.

  1. Add this AWS EC2 server on your SloopEngine Account.

  2. Deploy SloopEngine utility on this AWS EC2 server.

  3. Sync SSH key pair on this AWS EC2 server.

Boot AWS EC2 server on AWS VPC private subnet

Second, you have to boot an AWS EC2 server within AWS VPC private subnet. Also make sure you properly attach correct SSH key pair with this AWS EC2 server. Below are the list of things to be done, once its up and running.

  1. Deploy SloopEngine utility on this AWS EC2 server.

  2. Sync SSH key pair on this AWS EC2 server.

SSH to AWS EC2 server from SloopEngine

All you have to do is to create a Map on SloopEngine Account to assign SSH access to any of your team member. Once thats done, your team member can SSH to AWS EC2 server running in AWS VPC private subnet in single click from your SloopEngine Account.

Interested? Signup today for free! Thank you.

Recent videos about SloopEngine

Subscribe for updates

Please check your mailbox after submitting this form. If you haven't received any email from SloopEngine, check your spam folder. If you find SloopEngine emails in spam folder immediately move it to inbox.