Certified Security - Specialty


Did you really just put a private key in an S3 bucket without a 1yr lecture on why that's bad? I realize it's for example only.


ArobTheArab

Exactly — there are no such things as fixed "best practices." Everything is based on risk context. And even for routine use, putting keys in a well-secured S3 bucket carries no more risk than any other portable media.

Michael McGuinness

No need for the private key to exist anywhere other than the device that requires the access. Generate the key pair there and copy up the public key to the EC2 instance (or cut and paste).

Ray Finch

+1 @Michael McGuinness the better option would have been to create the key pair on his laptop and upload the pub key to S3. Or just use ssh-copy-id.

Reza Beykzadeh

As an alternative, you can use Session Manager to ssh to Linux boxes with no effort. This way you don’t really need the keys.
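Added example, not written by any poster in this thread: a pre-upload guard for the "only the public key leaves the device" approach suggested above, which refuses anything not positively identified as an OpenSSH public key. The function names and the sample key material are assumptions constructed for illustration.

```python
import base64
import binascii
import re
import struct

# PEM armour used by OpenSSH, PKCS#1, PKCS#8 and SEC1 private keys.
PRIVATE_PEM = re.compile(r"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----")


def _is_openssh_public_line(line: str) -> bool:
    """True for '<algo> <base64 blob> [comment]' whose blob names the same algo."""
    parts = line.split()
    if len(parts) < 2:
        return False
    algo, b64 = parts[0], parts[1]
    try:
        blob = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return False
    if len(blob) < 4:
        return False
    (name_len,) = struct.unpack(">I", blob[:4])  # length-prefixed algorithm name
    return blob[4:4 + name_len] == algo.encode()


def classify_key_material(text: str) -> str:
    """Return 'private', 'public' or 'unknown' for the contents of a key file."""
    if PRIVATE_PEM.search(text):
        return "private"  # private armour anywhere in the file wins
    lines = [ln for ln in text.splitlines() if ln.strip() and not ln.startswith("#")]
    if lines and all(_is_openssh_public_line(ln) for ln in lines):
        return "public"
    return "unknown"


def safe_to_upload(text: str) -> bool:
    """Allow-list: only material identified as public keys may leave the device."""
    return classify_key_material(text) == "public"


# Constructed samples: correct wire framing with all-zero key bytes, not real keys.
_ALGO = b"ssh-ed25519"
_BLOB = struct.pack(">I", len(_ALGO)) + _ALGO + struct.pack(">I", 32) + bytes(32)
SAMPLE_PUBLIC = "ssh-ed25519 " + base64.b64encode(_BLOB).decode() + " user@laptop"
SAMPLE_PRIVATE = ("-----BEGIN OPENSSH PRIVATE KEY-----\n(constructed placeholder)\n"
                  "-----END OPENSSH PRIVATE KEY-----\n")
```

Because the check is an allow-list, a file that mixes a public line with private-key armour, or whose declared algorithm does not match its blob, is rejected rather than uploaded.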
