Saving public key for SSH tunnel in EC2 for Postgres

Summary

When setting up an SSH tunnel for Postgres in EC2, the public key should be saved in the authorized_keys file in the .ssh directory of the home folder of the user you connect as on the bastion/jump server.


Question

When generating keys for an SSH tunnel for Postgres, where do you save the public key in EC2?



This topic has been created from a Slack thread to give it more visibility.

This would generally be in ~/.ssh/authorized_keys on your bastion/jump server (under the user you’re connecting as). Most OpenSSH configs also read from /etc/ssh/authorized_keys—but practice is generally within the user folder to avoid a bunch of noise in the shared file, which I tend to see reserved for logins as root (which are generally a bad idea anyway).

If you don’t already have a way to auth (e.g. password) from the machine generating the key (meaning you can’t use ssh-copy-id), you can just cat ~/.ssh/[your-key-name].pub and copy/paste that line to the end of ~/.ssh/authorized_keys on your bastion host.
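The copy/paste step described above, as an added example run on the bastion host (not code from the original thread). The function name install_pubkey and its arguments are assumptions made for illustration; it sets the permissions sshd expects, refuses a private key pasted by mistake, and does not add the same key twice. Validation here is a format check only.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE [HOME_DIR]   (hypothetical helper, not an OpenSSH tool)
# Appends the key in PUBKEY_FILE to HOME_DIR/.ssh/authorized_keys.
# Returns 0 if the key was added or is already present, 1 on bad input.
install_pubkey() {
    pub_file=$1
    home_dir=${2:-$HOME}
    ssh_dir=$home_dir/.ssh
    auth=$ssh_dir/authorized_keys

    [ -r "$pub_file" ] || { echo "cannot read $pub_file" >&2; return 1; }

    # Refuse a private key: only the .pub half ever belongs on the server.
    if grep -q 'PRIVATE KEY' "$pub_file"; then
        echo "refusing: $pub_file looks like a private key" >&2
        return 1
    fi

    # A .pub file is a single line: "<type> <base64-blob> [comment]".
    key_line=$(grep -E '^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)|sk-[a-z0-9@.-]+) [A-Za-z0-9+/=]+( .*)?$' "$pub_file" | head -n 1)
    [ -n "$key_line" ] || { echo "no public key line in $pub_file" >&2; return 1; }

    # With StrictModes (the sshd default), loose permissions on these
    # paths make sshd ignore the file, so set them explicitly.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
    touch "$auth" && chmod 600 "$auth"

    # Idempotent: match on type + blob and ignore the trailing comment.
    key_id=$(printf '%s\n' "$key_line" | cut -d' ' -f1,2)
    if grep -qF -- "$key_id" "$auth"; then
        return 0
    fi

    # If the last existing entry lacks a newline, add one first so the
    # new key is not glued onto it (which would invalidate both lines).
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        printf '\n' >> "$auth"
    fi
    printf '%s\n' "$key_line" >> "$auth"
}
```

Run it as the user the tunnel connects as, for example `install_pubkey /tmp/your-key-name.pub`, so the file ends up owned by that user.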