Amazon Elastic Compute Cloud
User Guide (API Version 2013-02-01)

Connecting to Your Linux/UNIX Instances Using SSH

To connect to an instance, you will need a running instance and the private key file that corresponds to the key pair that was selected when the instance was launched. For information about launching instances, see Launching EC2 Instances. For information about key pairs, see Getting a Key Pair.

Connecting to Your Instance from Your Web Browser Using a Java-Based SSH Client

Prerequisites

To connect to your instance using a web browser with an SSH client

  1. Sign in to the AWS Management Console and open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. In the navigation pane, click Instances.

  3. Right-click your instance, and select Connect.

  4. Click Connect from your browser using the Java SSH client (Java Required). AWS automatically detects the public DNS address of your instance and the key pair name you launched the instance with.

  5. In User name, enter the user name to log in to your instance.

    Note

    For an Amazon Linux instance, the default user name is ec2-user. For Ubuntu, the default user name is ubuntu. Some AMIs allow you to log in as root.

  6. The Key name field is automatically populated for you.

  7. In Private key path, enter the fully qualified path to your .pem private key file.

  8. Click Save key location, and then click Stored in browser cache to store the key location in your browser cache so that it is detected in subsequent browser sessions, until you clear your browser’s cache.

  9. Click Launch SSH Client.

  10. If necessary, click Yes to trust the certificate.

  11. Click Run to run the MindTerm client.

  12. If you accept the license agreement, click Accept.

  13. If this is your first time running MindTerm, a series of dialog boxes will ask you to confirm setup for your home directory and other settings.

  14. Confirm settings for MindTerm setup. A screen opens and you are connected to your instance.

Connecting to Linux/UNIX Instances from Linux/UNIX using SSH

Prerequisites

  • Install an SSH client

    Most Linux and UNIX computers include an SSH client by default. You can check for an SSH client by typing ssh at the command line. If your computer doesn't recognize the command, the OpenSSH project provides a free implementation of the full suite of SSH tools. For more information, see http://www.openssh.org.

  • Amazon EC2 CLI Tools—Install the tools to enable use of the ec2-get-console-output command.

    For more information, see Setting Up the Amazon EC2 Command Line Interface Tools.

  • Private key—Get the path to your private key

    You'll need the fully qualified path of the private key file associated with your instance. For more information on key pairs, see Getting a Key Pair.

  • Enable SSH traffic—Open the SSH port on the instance.

    Before you try to connect, ensure that your instance accepts incoming SSH traffic (usually on port 22). For more information, see Authorizing Network Access to Your Instances.

To connect to your instance using SSH

  1. If you've launched a public AMI, run the ec2-get-console-output command on your local system (not on the instance), and locate the SSH HOST KEY FINGERPRINTS section. For more information, see ec2-get-console-output in the Amazon Elastic Compute Cloud Command Line Reference.

    PROMPT>  ec2-get-console-output instance_id
    
    ...
    ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
    ec2: 2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 /etc/ssh/ssh_host_key.pub
    ec2: 2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 /etc/ssh/ssh_host_rsa_key.pub
    ec2: 1024 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 /etc/ssh/ssh_host_dsa_key.pub
    ec2: -----END SSH HOST KEY FINGERPRINTS-----
    ...

    Note the fingerprints so that you can compare them to the fingerprints of the instance.

  2. In a command line shell, change directories to the location of the private key file that you created when you launched the instance.

  3. Use the chmod command to make sure your private key file isn't publicly viewable. For example, if your private key file were My_Keypair.pem, you would enter:

    chmod 400 My_Keypair.pem

  4. In the navigation pane of the Amazon EC2 console, click Instances.

  5. Right-click your instance, and then click Connect.

  6. Click Connect using a standalone SSH client. AWS automatically detects the public DNS address of your instance and the key pair name you launched the instance with.

  7. If you launched an Amazon Linux instance, copy the example command provided in the Amazon EC2 console. If you used a different Amazon Machine Image (AMI) for your Linux/UNIX instance, you need to log in as the default user for that AMI, so change the user name in the command from ec2-user to the appropriate user name. For an Ubuntu instance, the default user name is ubuntu. Some AMIs allow you to log in as root.

    ssh -i <your key name>.pem ec2-user@ec2-184-72-204-112.compute-1.amazonaws.com

    You'll see a response like the following.

    The authenticity of host 'ec2-184-72-204-112.compute-1.amazonaws.com (10.254.142.33)' can't be established.
    RSA key fingerprint is 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00.
    Are you sure you want to continue connecting (yes/no)? yes

    Important

    If you've launched a public AMI, verify that the fingerprint matches the fingerprint from the output of the ec2-get-console-output command. If it doesn't, someone might be attempting a "man-in-the-middle" attack.

  8. Enter yes.

    You'll see a response like the following.

    Warning: Permanently added 'ec2-184-72-204-112.compute-1.amazonaws.com' (RSA) to the list of known hosts.

Transferring Files to Linux/UNIX Instances from Linux/UNIX with SCP

One way to transfer files between your local computer and a Linux/UNIX instance is to use Secure Copy (SCP). This section describes how to transfer files with SCP. The procedure is very similar to the procedure for connecting to an instance with SSH.

Prerequisites

  • Enable SSH traffic—Open the instance's SSH port

    Before you try to connect, ensure that your Amazon EC2 instance accepts incoming SSH traffic (usually on port 22). For more information, see Authorizing Network Access to Your Instances.

  • SCP client—Install an SCP client

    Most Linux and UNIX computers include an SCP client by default. If yours doesn't, the OpenSSH project provides a free implementation of the full suite of SSH tools, including an SCP client. For more information, go to http://www.openssh.org.

  • Instance ID—Get the ID of your Amazon EC2 instance

    Retrieve the Instance ID of the Amazon EC2 instance you want to access. The Instance IDs for all of your instances are available in the Amazon EC2 console or with the ec2-describe-instances command.

  • Instance's public DNS—Get the public DNS of your Amazon EC2 instance

    Retrieve the public DNS of the Amazon EC2 instance you want to access. You can find the public DNS for your instance using the Amazon EC2 console or with the ec2-describe-instances command.

  • Private key—Get the path to your private key

    You'll need the fully qualified path of the private key file associated with your instance. For more information on key pairs, see Getting a Key Pair.

The following procedure steps you through using SCP to transfer a file. If you've already connected to the instance with SSH and have verified its fingerprints, you can start with the step that contains the SCP command (step 4).

To use SCP to transfer a file

  1. If you've launched a public AMI, run the ec2-get-console-output command on your local system (not on the instance) and locate the SSH HOST KEY FINGERPRINTS section. For more information, see ec2-get-console-output in the Amazon Elastic Compute Cloud Command Line Reference.

    PROMPT>  ec2-get-console-output instance_id
    
    ...
    ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
    ec2: 2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 /etc/ssh/ssh_host_key.pub
    ec2: 2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 /etc/ssh/ssh_host_rsa_key.pub
    ec2: 1024 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 /etc/ssh/ssh_host_dsa_key.pub
    ec2: -----END SSH HOST KEY FINGERPRINTS-----
    ...

    Note the fingerprints so that you can compare them to the fingerprints of the instance.

  2. In a command line shell, change directories to the location of the private key file that you created when you launched the instance.

  3. Use the chmod command to make sure your private key file isn't publicly viewable. For example, if your file were My_Keypair.pem, you would enter:

    chmod 400 My_Keypair.pem

  4. Transfer a file to your instance using the instance's public DNS name (available through the AWS Management Console or the ec2-describe-instances command). For example, if the key file is My_Keypair.pem, the file to transfer is samplefile.txt, and the instance's DNS name is ec2-184-72-204-112.compute-1.amazonaws.com, use the following command to copy the file to the ec2-user home directory.

    scp -i My_Keypair.pem samplefile.txt ec2-user@ec2-184-72-204-112.compute-1.amazonaws.com:~

    Note

    Some AMIs let you log in as root, but some require that you log in with the user name ec2-user. For login information for your chosen AMI, contact your AMI provider directly or go to the Amazon Machine Images (AMIs) page, then locate and click your AMI in the list.

    You'll see a response like the following.

    The authenticity of host 'ec2-184-72-204-112.compute-1.amazonaws.com (10.254.142.33)' can't be established.
    RSA key fingerprint is 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00.
    Are you sure you want to continue connecting (yes/no)? yes

    Important

    If you've launched a public AMI, verify that the fingerprint matches the fingerprint from the output of the ec2-get-console-output command. If it doesn't, someone might be attempting a "man-in-the-middle" attack.

  5. Enter yes.

    You'll see a response like the following.

    Warning: Permanently added 'ec2-184-72-204-112.compute-1.amazonaws.com' (RSA) to the list of known hosts.
    Sending file modes: C0644 20 samplefile.txt
    Sink: C0644 20 samplefile.txt
    samplefile.txt                                100%   20     0.0KB/s   00:00

To transfer files in the other direction, i.e., from your Amazon EC2 instance to your local computer, simply reverse the order of the host parameters. For example, to transfer the samplefile.txt file from your Amazon EC2 instance back to the home directory on your local computer as samplefile2.txt, use the following command on your local computer.

    scp -i My_Keypair.pem ec2-user@ec2-184-72-204-112.compute-1.amazonaws.com:~/samplefile.txt ~/samplefile2.txt
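
The fingerprint comparison that both the SSH and SCP procedures above call for can be scripted rather than checked by eye. The following is an added example, not part of the original guide: it extracts the fingerprints from saved ec2-get-console-output text and tests whether the fingerprint shown in the SSH prompt is among them. The function names and sample fingerprints are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of saved ec2-get-console-output text; fingerprints are made up.
sample_console_output() {
cat <<'EOF'
ec2: Generating SSH host keys
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 2048 1a:2b:3c:4d:5e:6f:70:81:92:a3:b4:c5:d6:e7:f8:09 /etc/ssh/ssh_host_key.pub
ec2: 2048 aa:bb:cc:dd:ee:ff:00:11:22:33:44:55:66:77:88:99 /etc/ssh/ssh_host_rsa_key.pub
ec2: 1024 01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:ef /etc/ssh/ssh_host_dsa_key.pub
ec2: -----END SSH HOST KEY FINGERPRINTS-----
ec2: de:ad:be:ef:de:ad:be:ef:de:ad:be:ef:de:ad:be:ef outside the section, must be ignored
EOF
}

# Print each 16-byte colon-hex fingerprint found between the BEGIN/END markers,
# lowercased, one per line. Text outside the markers is never trusted.
extract_fingerprints() {
  awk '
    /-----BEGIN SSH HOST KEY FINGERPRINTS-----/ { inside = 1; next }
    /-----END SSH HOST KEY FINGERPRINTS-----/   { inside = 0 }
    inside {
      for (i = 1; i <= NF; i++)
        if (length($i) == 47 && $i ~ /^([0-9A-Fa-f][0-9A-Fa-f]:)+[0-9A-Fa-f][0-9A-Fa-f]$/)
          print tolower($i)
    }'
}

# $1 = fingerprint shown in the SSH prompt; stdin = console output.
# Exit 0 only if the instance reported that fingerprint at boot.
fingerprint_matches() {
  # Newer OpenSSH clients prefix MD5 fingerprints with "MD5:"; strip it.
  shown=$(printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/^md5://')
  [ -n "$shown" ] || return 1
  extract_fingerprints | grep -qxF -- "$shown"
}

# Demo on the constructed sample.
if sample_console_output | fingerprint_matches "aa:bb:cc:dd:ee:ff:00:11:22:33:44:55:66:77:88:99"; then
  echo "fingerprint matches console output: answer yes"
else
  echo "fingerprint NOT in console output: answer no and investigate"
fi
```

To use it on a real instance, pipe the saved output of ec2-get-console-output into fingerprint_matches in place of the sample function.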