After launching your Linux instance on AWS, a common practice is to enable SSH connection for provisioning, configuring or deploying your application. I have done these practice daily because all tools that I am using such as Ansible, Capistrano, Fabric, Github, BitBucket, they all need SSH connection.
Firstly, we must have a SSH Client installed on your development machine
For Windows user, you should install Git Bash (Not putty as recommended in the AWS document)
For Ubuntu user, please run this command sudo apt-get install openssh-client
For Mac user, please run ssh -V to make sure it has been installed
I suppose that you have known to create an AWS EC2 Instance, please login to your AWS console and select the instance your created.
Click on the connect button that I noted on the above screen, you will see a screen for guiding how to connect to your Linux instance.
I hope you can connect to your Linux Instance now with this command
ssh -i "yourkeyfile.pem" [email protected]
but this is not the reason that I write this blog, you must configure to enable to connect your instance with this command
ssh [email protected] or ssh yourdomain.com
To enable this happen, we must follow these steps
- Create public and prive keys usingssh-keygen using your ssh client ( I use git bash as mentioned above), output will look like this
Generating public/private rsa key pair. Enter file in which to save the key (~/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in ~/.ssh/id_rsa. Your public key has been saved in ~/.ssh/id_rsa.pub. The key fingerprint is: 0a:78:46:af:23:99:ac:b2:1e:ec:ef:c9:c9:b3:22:48 [email protected] The key's randomart image is: +--[ RSA 2048]----+ | | | | | . | | o . | | . + . S | |.E = o . | |oo= o . | |=o+oo. | |*++Oo | +-----------------+
- Copying the public key that you have just created to the remote server
cat ~/.ssh/id_rsa.pub | ssh -i "yourkeyfile.pem" [email protected] 'cat >> .ssh/authorized_keys'
After that, you may access your linux instance with this simple command, you do not have to specify the key file anymore
But it will be hard for you to remember the public DNS, you can config to change in the ssh config ~/.ssh/config
I am using Windows, I appended the file with these lines
Host yourdomain.com Hostname ec2-35-160-228-141.us-west-2.compute.amazonaws.com User ubuntu
After that, you can access to your instance using this command
Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-36-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Get cloud support with Ubuntu Advantage Cloud Guest: http://www.ubuntu.com/business/services/cloud 58 packages can be updated. 20 updates are security updates. Last login: Sun Oct 23 14:55:15 2016 from 22.214.171.124 [email protected]:~$
To secure your instance, Your default security group does not allow incoming SSH traffic by default and enable your IP only when needing access
This blog is written for my self for remembering daily process I do. I hope it can help you guys to save your time of googling.