This article from the amazon web service tutorial series aims to show you step by step how you can connect to an amazon EC2 instance remotely right from your PC so that you can manage it in the ways you wish. I hope you already know about setting up an amazon EC2 Linux instance and have one ready to be connected. In brief, I will describe the following three key features here:
- Amazon EC2 Security Group: You will know what is security group is, how important it is and how to configure it properly.
- Set Up SSH Keys: To connect to an instance, a key must need to be set up. If you haven’t already during the launch of the EC2 instance, you can learn to do it now, also.
- Connect To Your Amazon EC2 Instance: Two different ways are there, and I will show the easiest one to get connected to perform necessary operations on your instance.
Make sure you have read or know about the earlier tutorials on this series to understand this one flawlessly.
Understanding Amazon EC2 Security Group:
This is a very important aspect of the management of your AWS EC2 instances. You need to understand properly what kind of security your server needs and thus configure one or assign a previously configured one. Let’s go to the ‘Security Group’ option from the left menu items.
As you can see (under the ‘inbound’ tab at the bottom), you can add as many security groups as you want and each can be configured with several protocol/IP access grants. You can either add your own custom port range or can use the given options for various protocols like SMTP, HTTP, SSH etc. which will automatically open the default ports used for those services. After adding a rule, you must also submit the ‘Apply Rule Changes’ button.
For this tutorial, as we will need to make an ssh connection to our server, please make sure that you have added and applied the ‘ssh’ protocol rule properly.
Adding A Key Pair:
For access via ssh, we will need an ssh key pair as well, instead of password-based authentication. If you already did one while launching an ec2 instance, you won’t need to do it anymore. Just make sure you have the key downloaded on your local PC. But, if you need a new key pair, please go to the ‘Key Pairs’ menu option on the left of the EC2 dashboard. Click on the ‘create key pair’ button.
Enter a name on the pop-up window and submit. A key pair will be created and available to you for download to your local PC. In an alternative way, you can import an already existing key pair from your PC as well as follows:
You need to make sure that the ssh key is in a secure place and has proper private access mode(644 is preferred). Otherwise, the key will be ignored while connecting, and you will be shown an error message mentioning it.
Let’s Connect To Amazon EC2 Instance:
As we are set up with the security configuration and have our ssh key as well, we can now go ahead to connect to our instance. Go to your ‘instances’ menu option. Right-click on the instance or check the instance and click on ‘Actions’ button above. From the list of commands, choose ‘connect to instance’ option. after clicking it, you should come up with a window with two different options as follows:
- From Browser Using Java SSH client: This is the easiest and my personal favourite option. You won’t have to have installed anything on PC, need to have java enabled on the browser. There is a small concern, though. You won’t be able to use chrome for this purpose if you are a mac OSX user ( as java 7 for mac doesn’t go well with 32-bit chrome).
- Using A Standalone SSH Client: You can use x-shell/putty in a windows environment. For mac or Linux OS, the terminal will work fine as well. Though I usually face an issue on the mac terminal. It gets hanged after some time, and I need to restart the terminal and re-connect, which seems annoying to me.
As the easiest option, we will see how we can get connected from the browser. First, check whether java is enabled on your browser. If not, the above connection window will show you a message mentioning that. In this case, run the latest java run-time installer and restart the browser(if required). After you have enabled java successfully, you should be able to see options to enter in this window:
Public DNS: The public DNS address/IP will be given for the instance you selected. You won’t need to enter this.
User Name: It’s given as ‘root’ by default. However, amazon won’t allow you to connect as root for security reasons. Rather, you will rather need to access via another user, and then you may switch to root if you want. Here, in my case, a default user ‘ubuntu’ existed by default, and I entered that username here.
Key name: It’s also given by default with the name you created/imported the key pair.
Private Key Path: The path of the private key file on your local system. Give the full path name. Just to mention, this key doesn’t have any extension.
Also, optionally you can select to save the given info on the browser so that next time, you don’t need to re-enter them.
Now, click the ‘Launch SSH Client’ button. If you have done all properly, it should get you a java based ssh terminal as follows:(you may be asked for permission first, from OS as well)
Congratulation, you have done it! We are now successfully connected to our amazon ec2 instance via ssh protocol.
Run Basic Linux Commands:
Well, let’s test that we can really run commands on our terminal. first, after logging in, you should be able to see whether there is any update available for OS or not. If so, let’s run the following commands to get our OS up to date:
$ sudo apt-get update
$ sudo apt-get upgrade
If it’s done, we can hope (and definitely will 😉 ) to be able to run our other necessary commands also in future then.
Change The Key Pair For EC2 Instance:
Usually, the key pair attached at the time of creation is the only key pair you can access your instance with. If, in any case, you lose the ‘.pem’ file you downloaded or delete the key from AWS control panel, you might need to update the instance with this new key pair. It’s not very much easy. A stack-overflow answer to the thread on this key pair change issue explains the procedure very well. Follow those instructions to get it done. However, on step 5, if you don’t know how to mount an EBS volume on an ec2 instance, follow this stackexchange thread.
Please check out amazon’s official documentation about connecting to the amazon ec2 instance as well for further reference. Feel free to ask any questions you have. And stay tuned to receive the next tutorial 🙂