In order to manage a remote Linux server, you must employ an SSH client. Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network. Common applications include remote command-line login and remote command execution.
Linux distributions and macOS ship with a functional SSH client that accepts standard PEM keys. Windows does not ship with an SSH client. Therefore, this Lab Step includes instructions for users running Linux/macOS and Windows on their local host. Only one of them is required depending on your local operating system.
Instructions (Linux / macOS Users)
1. Open your Terminal application
2. Run the following ssh command:
ssh -i /path/to/your/keypair.pem user@server-ip
server-ipis the Public IP of your server, found on the Description tab of the running instance in the EC2 Console
useris the remote system user (ec2-user for Amazon Linux) that will be used for the remote authentication. In this Lab, you must use ec2-user.
Note that the Amazon Linux AMIs typically use
ec2-user as a username. Other popular Linux distributions use the following user names:
- Debian: admin
- RedHat: ec2-user
- Ubuntu: ubuntu
Assuming that you selected the Amazon Linux AMI, your assigned public IP is 126.96.36.199, and your keypair (named "keypair.pem") is stored in /home/youruser/keypair.pem, the example command to run is:
ssh -i /home/youruser/keypair.pem firstname.lastname@example.org
Important! Your SSH client may refuse to start the connection, warning that the key file is unprotected. You should deny the file access to any other system users by changing its permissions. From the directory where the public key is stored on your local machine, issue the following command and then try again:
chmod 600 /home/youruser/keypair.pem
The change mode (
chmod) command shown above will change the permissions on your private key file so only you can read and write (modify) it. No other users on the system can modify it, or even read it.
Tip: The Instances page provides a helpful shortcut for connecting to a Linux instance. Select the running instance and click the Connect button. It will formulate an example
ssh command for you, including the required key name and public IP address. However, it is still useful to learn the basics of manually using the
Instructions (Windows Users)
Windows has no SSH client, so you must install one. This part of the Lab Step will use PuTTY (freely available here on their website) and a previously converted PEM key (converted from PPK using PuTTYgen).
1. Open PuTTY and insert the EC2 instance public IP Address in the Host Name field:
2. Navigate to Connection > SSH > Auth in the left pane and then select the downloaded private key that you previously converted to PPK format:
After a few seconds, you will see the authentication form.
3. Login as ec2-user and you will see the EC2 server welcome banner and be placed in the Linux shell: